Snort mailing list archives
Re: What are folks doing for alerting
From: "Distribution Lists" <dist-lists () e-securenetworks net>
Date: Tue, 19 Nov 2002 15:11:55 -0600 (CST)
I've been using swatch for a while now. It basically 'tails' the alert log looking for keywords like 'PORTSCAN', etc... and then will execute a shell script. This way I can send alerts to an email address or even a pager or cell phone that is email enabled. Regards
I was just curious what people are doing for alerting, if any... Acid is working great but would like to get a email when a box starts spewing code red for instance... Thanks Regards, --------------------- Jared Bergeron Systems Analyst XEROX Office Printing Business ------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- What are folks doing for alerting Bergeron, Jared (Nov 19)
- Re: What are folks doing for alerting hackerwacker (Nov 19)
- Re: What are folks doing for alerting Distribution Lists (Nov 19)
- <Possible follow-ups>
- RE: What are folks doing for alerting Slighter, Tim (Nov 19)
- RE: What are folks doing for alerting Ibarra, Michael (Nov 19)
- Re: What are folks doing for alerting hackerwacker (Nov 19)
- RE: What are folks doing for alerting Ibarra, Michael (Nov 19)
- RE: RE: What are folks doing for alerting Slighter, Tim (Nov 19)
- Re: What are folks doing for alerting Michael J. McCasland (Nov 20)
- Re: RE: What are folks doing for alerting BCL IP Network Operations (Nov 20)