Snort mailing list archives

RE: Snort and ACID (multiple sensors)


From: "Luo, Feng (Exchange)" <fengluo () bear com>
Date: Thu, 21 Mar 2002 13:55:52 -0500

What kind of secure path for the remote sensor to connect to the MySQL
database did you mean here? Please specify.

-----Original Message-----
From: Michael Steele [mailto:michaels () silicondefense com]
Sent: Thursday, March 21, 2002 11:11 AM
To: snort-users () lists sourceforge net
Cc: 'Rohit Raju'
Subject: RE: [Snort-users] Snort and ACID (multiple sensors)



Rohit,

You will need to have Snort log to one centralized database, then use ACID
to read from that one database.

Change the output database line in snort.conf to reflect the location of
your ONE database and change the user name. Then add that user to MySQL with
the appropriate permissions. Make sure you have a secure path for the remote
sensor to connect to the MySQL database.

- Michael

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Rohit Raju
Sent: Thursday, March 21, 2002 6:18 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Snort and ACID (multiple sensors)

 

Hi,

I have Snort running at the entry points into my Co.'s two
geographically separated intranets... both logging into their respective
MySQL databases. I use ACID to monitor the alerts. My question is, can I
monitor both those sensors using a single ACID interface?

...in other words, how do I add another sensor to my ACID console?

Regards,

Rohit Raju, CISSP.
Network Security Engineer,
Peak XV Networks, Inc.

 

****************************************************************
Bear Stearns is not responsible for any recommendation, solicitation, 
offer or agreement or any information about any transaction, customer 
account or account activity contained in this communication.
***********************************************************************
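
The steps in Michael's reply, sketched as an added example that is not part of the original thread or of the Snort/ACID documentation. The database name `snort`, the account `sensor_b`, the host `db.example.net`, the address 192.0.2.10 and the password are constructed placeholders, and the privilege set is an assumption to confirm against your schema version.

```sql
-- Added example: run on the central MySQL server as an administrative user.
-- All names, addresses and the password below are constructed placeholders.

-- Weak form to avoid (shown only as a comment): any host, every privilege,
-- no transport protection.
--   GRANT ALL ON *.* TO 'snort'@'%' IDENTIFIED BY 'snort';

-- One account per remote sensor, bound to that sensor's source address, so a
-- compromised sensor can be cut off without touching the others.
-- REQUIRE SSL makes the server refuse this account over a cleartext
-- connection (CREATE USER ... REQUIRE syntax is MySQL 5.7+; older servers
-- take the REQUIRE clause on GRANT instead).
CREATE USER 'sensor_b'@'192.0.2.10'
    IDENTIFIED BY 'REPLACE_WITH_LONG_RANDOM_SECRET'
    REQUIRE SSL;

-- Assumption: the sensor only writes events and reads lookup rows, so it gets
-- INSERT and SELECT on the Snort schema and nothing else. The ACID web user
-- is a separate account with its own grants.
GRANT INSERT, SELECT ON snort.* TO 'sensor_b'@'192.0.2.10';

-- Verify what was actually granted and that TLS is enforced for the account.
SHOW GRANTS FOR 'sensor_b'@'192.0.2.10';
SELECT user, host, ssl_type FROM mysql.user WHERE user = 'sensor_b';

-- Matching line in the remote sensor's snort.conf (a config line, not SQL).
-- A distinct sensor_name per site lets ACID tell the sensors apart:
--   output database: log, mysql, user=sensor_b password=REPLACE_WITH_LONG_RANDOM_SECRET dbname=snort host=db.example.net sensor_name=site-b
```

If the sensor's MySQL client cannot negotiate TLS, drop `REQUIRE SSL`, carry the connection over an SSH or VPN tunnel instead, and bind the account to the tunnel's source address rather than the sensor's public one.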
