Snort mailing list archives
Re: [Fwd: [Fwd: Re: Snort-snmp for snort-2.0.0]]
From: Jose Vicente Nunez Z <josevnz () newbreak com>
Date: 27 May 2003 09:01:00 -0400
These are very good news indeed!. Thank you very much for your support. JV. On Tue, 2003-05-27 at 07:29, Glenn Mansfield Keeni wrote:
Hi Folks, Sincere apologies for the delay in getting this thing out. The SnortSnmp module compatible with snort-2.0.0 is ready. I have tried it on the following platforms Solaris[ucd-snmp-4.2.*], FreeBSD[ucd-snmp-4.2.* and net-snmp-5.0.*] Linux [net-snmp-5.0.*]. It seems to be working without problems. The software is available from http://www.cysol.co.jp/contrib/snortsnmp/SnortSnmp-2.0.0-01.gz Let me know if there are problems. Thanks and Cheers Glenn PS. Excerpts from README.SNMP Introduction. The snortSnmpPlugin enables snort to send snmp alerts to network managemement systems (NMS). The alerts can be traps (the alert will not be acknowledged by the receiver) or informs (the alert will be acknowledged by the receiver ). This adds significant power to the NMS by allowing it to monitor the security of the network. It also allows the snort sensor to exploit the features that are built into existing network management systems. Requirements: The plugin requires the net-snmp (or ucd-snmp) libraries and header files. You will need to download and install the net-snmp (ucd-snmp) package before you try to install this plugin. The package can be downloaded from http://net-snmp.sourceforge.net/ You will need the latest snort source distribution. Activation Steps: NOTE: That the MIB files in the etc directory etc/SnortCommonMIB.txt etc/SnortIDAlertMIB.txt need to be referred to by snmp applications. [Otherwise the OID-to-name translation will not take place] refer to the snmpcmd manpages [do 'man snmpcmd'] for further details. 0. Build the Snmp enabled snort package. DownLoad the SnortSnmpModule. uncompress and untar - it will contain README.SNMP -- This file SnortSnmpPatch-<Version>.gz. -- Patch to build the Snmp enabled snort In the Snort home directory (this is where snort is gunzipped and untarred) apply the patch SnortSnmpPatch e.g. zcat SnortSnmpPatch-2.0-01.gz | patch -c This will update the following files configure.in Makefile.am src/plugbase.c etc/snort.conf It will create the following files doc/README.SNMP etc/SnortCommonMIB.txt etc/SnortIDAlertMIB.txt src/output-plugins/spo_SnmpTrap.c src/output-plugins/spo_SnmpTrap.h 1. follow the usual steps to build the package ./configure --with-snmp --with-openssl make su make install .... .... ------------------------------------------------------- This SF.net email is sponsored by: ObjectStore. If flattening out C++ or Java code to make your application fit in a relational database is painful, don't do it! Check out ObjectStore. Now part of Progress Software. http://www.objectstore.net/sourceforge _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Jose Vicente Nunez Zuleta (josevnz at newbreak dot com) Newbreak LLC System Administrator http://www.newbreak.com RHCE, SCJD, SCJP ------------------------------------------------------- This SF.net email is sponsored by: ObjectStore. If flattening out C++ or Java code to make your application fit in a relational database is painful, don't do it! Check out ObjectStore. Now part of Progress Software. http://www.objectstore.net/sourceforge _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- [Fwd: [Fwd: Re: Snort-snmp for snort-2.0.0]] Glenn Mansfield Keeni (May 27)
- Re: [Fwd: [Fwd: Re: Snort-snmp for snort-2.0.0]] Jose Vicente Nunez Z (May 27)