Snort mailing list archives
Re: Cert Advisory and now no SNMP traps.
From: Chris Green <cmg () sourcefire com>
Date: Mon, 21 Apr 2003 09:18:44 -0400
"larosa, vjay" <larosa_vjay () emc com> writes:
Well I have to say this sucks. Now those of us that rely on SNMP traps are forced to upgrade to snort 2.0 and will lose our NMS integrations.
SNMPTrap was removed because it was easier to throw away functionality than to verify it's string handling operations. I don't know of an exact vulnerability You have 2 choices: 1) Merge in snmptrap from 1.9 ( pretty easy task ) This is entirely unsupported. 2) Switch to a different output mechanism like syslog.
Anyway, I am going to write a program to select events of interest from A Mysql database and will send SNMP traps to the NMS on behalf of snort.
If you are going to do this, I'd recommend you instead write a plugin for barnyard. -- Chris Green <cmg () sourcefire com> I've had a perfectly wonderful evening. But this wasn't it. -- Groucho Marx ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Cert Advisory and now no SNMP traps. larosa, vjay (Apr 17)
- Re: Cert Advisory and now no SNMP traps. Kevin J. Schmidt (Apr 17)
- Re: Cert Advisory and now no SNMP traps. Chris Green (Apr 21)