Snort mailing list archives

Snort sensor general?

From: Corbin Fletcher <corbin () freeway com>
Date: Tue, 17 Apr 2012 10:48:47 -0700

Hello All,

I have be preforming some initial research into the capability of aSnort sensor. My working knowledge of Snort is quite limited.

Considering that we want to implement Snort as an NIDS, my question is,can Snort monitor for file creation in directory /var/www/html/admin/ ona remote host?

For example, we have Snort running at the edge of our network and wehave physical servers host-00 and host-01. We need Snort to send anemail alert if a file is created or modified (unwanted manipulation) in/var/www/html/admin/ on host-00 and host-01.

Is it possible to configure Snort to check file system integrity and howis this achieved?


Thanks in Advance...in guidance is much appreciated.
--
Corbin Fletcher
*Freeway Communications LLC*
800 S. Hope St., Suite 101
Los Angeles, CA 90017
Ph: 213.225.2200 x115

------------------------------------------------------------------------------
Better than sec? Nothing is better than sec when it comes to
monitoring Big Data applications. Try Boundary one-second 
resolution app monitoring today. Free.
http://p.sf.net/sfu/Boundary-dev2dev

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Snort sensor general? Corbin Fletcher (Apr 17)
- Re: Snort sensor general? Jeremy Hoel (Apr 17)
  - Re: Snort sensor general? Castle, Shane (Apr 17)
    - Re: Snort sensor general? Jefferson, Shawn (Apr 17)
    - Re: Snort sensor general? Heine Lysemose (Apr 18)
    - Re: Snort sensor general? Faegheh Majidzadeh (Apr 18)