Snort mailing list archives

RE: Real time monitoring and/or notification?

From: "Michael Scheidell" <scheidell () fdma com>
Date: Wed, 24 Oct 2001 09:32:33 -0400

Message: 4
From: "Sheahan, Paul (PCLN-NW)" <Paul.Sheahan () priceline com>
To: "Snort List (E-mail)" <snort-users () lists sourceforge net>
Date: Tue, 23 Oct 2001 18:13:56 -0400
Subject: [Snort-users] Real time monitoring and/or notification?

Hello,

I was wondering if there were a tool available to allow real time

monitoring

of attacks in Snort? I was also looking for a tool to allow notification
(email, pager etc) with Snort? I would love to have this feature and would
upgrade/convert to whatever version supports it. Anyone seen any tools

that

offer these features?


I have some 'hacks' to alert_smb that send an email INSTEAD of smb alerts.
Basically just replaced the smbclient  -M %s with sendmail -oi %s
(made the buffer bigger, added in some headers to keep it friendly, set it
high priority in unix/Windos mailers, put the alert type on the subject like
to I could fit MOST stuff in the 110 char limit for pager.
for priceline, I will take bids....


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Real time monitoring and/or notification? Sheahan, Paul (PCLN-NW) (Oct 23)
- RE: Real time monitoring and/or notification? Frank Reid (Oct 23)
- <Possible follow-ups>
- RE: Real time monitoring and/or notification? Michael Scheidell (Oct 24)
- RE: Real time monitoring and/or notification? Fraser Hugh (Oct 24)