Snort mailing list archives
Re: center alert
From: Joe McAlerney <joey () SiliconDefense com>
Date: Mon, 11 Mar 2002 19:24:54 -0800
Hi Loong, You're going to have to look into the documentation there buddy. Both ACID and Demarc are well documented, and provide a number of user configurable options to satisfy your needs. After you decide on what to do, and start setting your infrastructure up you may run into a few problems. If this happens, post back with some specific questions, and I'm sure they'll get answered on this list. There are also complete walkthroughs available on different websites including Snort.org and SiliconDefense.com. I know others have posted theirs on this list before. You may want to search the archive using the keyword "walkthrough". Hope this helps, -Joe M. -- Joe McAlerney Software Developer / Security Consultant joey () SiliconDefense com Silicon Defense: IDS Solutions -=- http://www.silicondefense.com/ loong wrote:
hi thanks for reply i not sure how it work, the 5 snort is in different place , how can i monitor the alert in my office pc, can i collect all the alert mail from mail the store in the database , and can i online view from my pc when there is alert mail come in ? thanks Loong ----- Original Message ----- From: "Joe McAlerney" <joey () SiliconDefense com> To: "loong" <loong () eads com my> Cc: <snort-users () lists sourceforge net> Sent: Tuesday, March 12, 2002 6:44 AM Subject: Re: [Snort-users] center alertHi loong, You may want to take a look at ACID, which allows you to monitor alerts from several machines by interfacing with a single database. Demarc's PureSecure should suit your needs as well. It provides additional functionality, such as rule management and detailed sensor statistics. ACID : http://acidlab.sourceforge.net/ DEMARC: http://www.demarc.com/ Happy Snorting! -Joe M. -- Joe McAlerney Software Developer / Security Consultant joey () SiliconDefense com Silicon Defense: IDS Solutions -=- http://www.silicondefense.com/loong wrote: hi i have 5 snort install on different location and building and it send alert mail to my email address is there anywhere i can collect it to centre and console it online ? any site recommend ? loong_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- center alert loong (Mar 11)
- Re: center alert Joe McAlerney (Mar 11)
- Re: center alert loong (Mar 11)
- Re: center alert Joe McAlerney (Mar 11)
- Re: center alert loong (Mar 11)
- Re: center alert Joe McAlerney (Mar 11)