RE: Snort front ends

[jas () dect com]

Snortsnarf is what I used before.  The main thing I like about having an SQL
back end is that low, slow scans might be recognizable and it's possible to
keep history around and more available almost indefinitely.

-----Original Message-----
From: Anthony Scott [mailto:ascott () triadfoodsgroup com]
Sent: Thursday, June 13, 2002 10:33 AM
To: jas () dect com
Subject: RE: [Snort-users] Snort front ends


SnortSnarf is nice also... very easy to implement. Works with *nix and
Windows.
Find it here:
http://www.silicondefense.com/software/snortsnarf/index.htm



-----Original Message-----
From: jas () dect com [mailto:jas () dect com]
Sent: Thursday, June 13, 2002 9:05 AM
To: Snort-Users@Lists. Sourceforge. Net
Subject: RE: [Snort-users] Snort front ends


Very cool!  That's perfect.  That's just about perfect!  I only have one
sensor box (public (read-only) and private ports).  Thanks!!

Thanks to Steven Scott for putting the document together!

-----Original Message-----
From: Kristopher Czachor [mailto:czachor () syrres com]
Sent: Thursday, June 13, 2002 9:42 AM
To: jas () dect com
Subject: RE: [Snort-users] Snort front ends


I'm using Snort + MySQL + ACID for monitoring my network and it's pretty
straight forward to use and implement. One of the users on this list
wrote some nice documentation on how he got the ACID set up and working.
You can find the documentation at http://home.earthlink.net/~sjscott007/
. Although I didn't use this documentation, I did look it over and it
seemed pretty through. Of course, I'm assuming that you're going to be
using the Linux distribution. I'm not using the windows so if you're
planning on using that that particular document won't apply.

HTH,
Kris

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of
jas () dect com
Sent: Wednesday, June 12, 2002 11:09 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Snort front ends

I've gotten seriously out of the loop on Snort for awhile.  I use it
pretty
often but it's installed in the "dump to syslog" mode and then the
syslog
file is monitored.

What's the latest on a web-based front-end?  I'm putting a box in place
and
would like a nice graphical front end.  How big a deal is getting Snort
and
MySQL running?  I have 1.8.6 running.


_______________________________________________________________

Sponsored by:
ThinkGeek at http://www.ThinkGeek.com/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -
http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users