Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: What are folks doing for alerting

From: "Distribution Lists" <dist-lists () e-securenetworks net>
Date: Tue, 19 Nov 2002 15:11:55 -0600 (CST)
I've been using swatch for a while now.
It basically 'tails' the alert log looking for keywords like 'PORTSCAN',
etc... and then will execute a shell script. This way I can send alerts to
an email address or even a pager or cell phone that is email enabled.

Regards




I was just curious what people are doing for alerting, if any...

Acid is working great but would like to get a email when a box starts
spewing code red for instance...

Thanks

Regards,
---------------------
Jared Bergeron
Systems Analyst
XEROX Office Printing Business



-------------------------------------------------------
This sf.net email is sponsored by: To learn the basics of securing  your
web site with SSL, click here to get a FREE TRIAL of a Thawte  Server
Certificate: http://www.gothawte.com/rd524.html
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users






-------------------------------------------------------
This sf.net email is sponsored by: To learn the basics of securing 
your web site with SSL, click here to get a FREE TRIAL of a Thawte 
Server Certificate: http://www.gothawte.com/rd524.html
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: