Snort mailing list archives

Re: problem with snort and guardian


From: Max Valdez <maxvalde () fis unam mx>
Date: Sat, 27 Mar 2004 10:25:00 -0600

Do what Alejandro told you.

And you can still rethink that, and realize that there are some serious 
security issues when using guardian, or any other reactive NIDS.

Max

On Saturday 27 March 2004 1:31 am, Marcin Laskowski wrote:
Hi,

I want to configure snort to log alerts to a mysql db,
and configure guardian to change my iptables conf
when there is an attack. The problem is with the output
files. Guardian accepts syslog and snort alert files, so
if I want to use alert files I have to change output db
to log (I always used alert in the db output line). Is there
any other way to make snort log attacks to an alert file?
I don't think that guardian accepts unified alert files.
(It didn't work at all when I tried.) I also use ACID to
view attacks.


-------------------------------------
Greetings. Maxim

-- 
Linux garaged 2.6.5-rc2-mm3 #1 Fri Mar 26 11:07:16 CST 2004 i686 Intel(R) 
Pentium(R) 4 CPU 2.80GHz GenuineIntel GNU/Linux
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GS/S d- s: a-29 C++(+++) ULAHI+++ P+ L++>+++ E--- W++ N* o-- K- w++++ O- M-- 
V-- PS+ PE Y-- PGP++ t- 5- X+ R tv++ b+ DI+++ D- G++ e++ h+ r+ z**
------END GEEK CODE BLOCK------
gpg-key: http://garaged.homeip.net/gpg-key.txt

