Snort mailing list archives

[Snort-Users] new to snort and intrusion detection


From: "Jonathan Jesse" <jjesse () ftpb com>
Date: Thu, 8 May 2003 13:47:29 -0400

First of all a little introduction.... I started working at my current
location a little over 6 months ago as a full-time computer support
person.  The place I work at is under 150 employees and before I came on
staff there was no computer support or network administration.  Every
small problem or upgrade was taken care of by an outside consulting
firm; including every day normal helpdesk requests, password resets,
printer jams, etc.
 
So in August of 2001, I was hired as a full time helpdesk/network admin
position.  Now, my boss (who is pretty IT savvy, just not very current
on things) and I are trying to get the company set with a solid
foundation and then move on to their.  Also part of the foundation is in
response to the auditors, got to love them.
 
So to make a long story short, I am somewhat knowledgeable in Linux,
having attained my Linux + certification from CompTIA, and my boss went
to a user group meeting for our core banking system where a guest
speaker spoke about Intrusion Detection and mentioned Snort.  My boss
asked if I knew anything about snort and could show it to him.  Today I
followed the guide "Enterprise Snort" by Steven Scott and have it up and
running on a Red Hat 7.3 system with MySQL and ACID and everything
running.  
 
What I'm looking for is some help on how to learn how to use snort to
its fullest, any sources/documentation to get the best use out of it?
 
Sorry about the long email
 
Jonathan Jesse
Network Specialist
Founders Trust Bank
 