Snort mailing list archives

Re: Windows Snort IPS Installation/Configuration Guide

From: Peter Bates <peter.bates () ucl ac uk>
Date: Thu, 29 Nov 2012 15:23:52 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi again

On 29/11/2012 15:08, Cintron, Jose J. wrote:

I agree that Windows is not the optimal solution, but the learning curve for this folks to learn *nix will be as 
monumental as mine would be if I was trying to assemble a nuclear reactor.


Indeed, I realise that.

My point was more that Snort is a fairly complex application regardless 
of platform - so just having it on one they know (Windows) is no
guarantee that they'll understand how it works any better than on a platform
they've never touched (*nix).

The 'put it in/configure interfaces/look at the Web interface' solutions
I linked to perform a very good job of hiding all the complexity of the OS away.

Obviously if the idea is to hook into very Microsoft-specific infrastructure
(logging alerts to SQL Server, for instance) then Windows is a better choice.

- -- 
Peter Bates
Senior Information Security Officer   Phone: +44(0)2076792049
Information Services Division         Internal Ext: 32049
University College London
London WC1E 6BT
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQEcBAEBAgAGBQJQt34IAAoJELhVoVpEMS6RxH0H/2Dnd7eEUcGQcy5UxNYUC21e
C+4tDrYG6SWtCjdydhS01y1KEt0oEj9PxqrwhOvRe1rpSoUSQzpLUCDZeWa7yc/u
HUbOW7xJyjMeYF48uCZkDhSBvqat2H4QvQnVeZrlU9+bmoh5tgPAu2R+72iN9PTH
0A/j9yo8fWaSIK0EfkjbrXwwZcFxOQGBafEmbCYrP9yXATL37oRQmb5ILpbQdDgz
Ah+sf/QvNyEAySArJAFqWbn1acKAH9Wa3BOb/K3uAU82qBhc+YzNQcKDnyyFt+yx
3v3obvYMD9bb5WMZnjpLAcg35vEZxkV3qUUU5p8D2GZMxfpQC0M4n83kQSA2NnE=
=IHr4
-----END PGP SIGNATURE-----


------------------------------------------------------------------------------
Keep yourself connected to Go Parallel: 
VERIFY Test and improve your parallel project with help from experts 
and peers. http://goparallel.sourceforge.net
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Windows Snort IPS Installation/Configuration Guide Cintron, Jose J. (Nov 29)
- Re: Windows Snort IPS Installation/Configuration Guide Michael Steele (Nov 29)
- Re: Windows Snort IPS Installation/Configuration Guide Peter Bates (Nov 29)
  - Re: Windows Snort IPS Installation/Configuration Guide Cintron, Jose J. (Nov 29)
    - Re: Windows Snort IPS Installation/Configuration Guide Peter Bates (Nov 29)
    - Re: Windows Snort IPS Installation/Configuration Guide Michael Steele (Nov 29)