Snort mailing list archives
Re: Snort preprocessor perfmonitor
From: Andres Carrera Rivera <protoss_black88 () hotmail com>
Date: Wed, 8 Dec 2010 21:22:57 -0500
ok I'll change my snort conf. but the snorby server ? dont know the exactly direction, and how can I check after logging some alerts On 12/8/2010 9:05 PM, Salahudin Wan Khairuzzaman wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yes absolutely. - From your Snort configuration, set output log to MySQL server (mysql at snorby server). E.g : output database: log, mysql, user=root password=toor dbname=snorbydb host=192.168.1.1 You can disable snort installed within snorby spsa installation. cheers, salahudin On 12/2/10 11:54 AM, Andres Carrera Rivera wrote:ok I'm downloading the ISO. But I have already installed snort on my machine (ubuntu), isn't there a possibility to configured snorby, but with my snort IDS. On 12/1/2010 10:45 PM, Salahudin Wan Khairuzzaman wrote: Yes, u can try the pre-installed one.. less hectic :) http://bailey.st/blog/snorby-spsa/ cheers, salahudin On 12/2/10 11:11 AM, Andres Carrera Rivera wrote:I haven't heard about it.. I'll check it. but it graph at real time... ? On 12/1/2010 10:05 PM, Salahudin Wan Khairuzzaman wrote: have u try snorby? just submit the mysql output to snorby server to process that.. cheers, salahudin On 12/2/10 10:36 AM, Andres Carrera Rivera wrote:I read that I can draw graph using the perform monitor with the snortstats file. but how? Is there a perl file called perfstats that work and create real time statistics graph any steps to do that..? or is there other thing I can use to draw graph with snort. I want real time traffic graph. to compare with others traffic graph.. Thanks a lot!! ------------------------------------------------------------------------------ Increase Visibility of Your 3D Game App& Earn a Chance To Win $500! Tap into the largest installed PC base& get more eyes on your game by optimizing for Intel(R) Graphics Technology. Get started today with the Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs. http://p.sf.net/sfu/intelisp-dev2dev _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel-- Salahudin Bin Wan Khairuzzaman Malaysia Computer Emergency Response Team (MyCERT) CyberSecurity Malaysia (An Agency Under MOSTI) Level 7, SAPURA@MINES, The MINES Resort City 43300 Seri Kembangan, Selangor Malaysia Main Line : +603 89926888 or 1-300-88-2999 Direct Line : +603 89926919 Fax : +603 89453442 Website : http://www.cybersecurity.org.my Website : http://www.mycert.org.myDisclaimer: This email (and any attachment to it) is confidential and intended solely for the use of the individual or entity to whom it is addressed. CyberSecurity Malaysia assumes no liability whatsoever for the content of this email or for the consequences of actions taken based on such content unless it is subsequently confirmed in writing. Unintended recipients are notified that disclosing, copying or distributing of this email, or acting based on its contents, is strictly prohibited; and you are to immediately and permanently delete or destroy this email and notify the sender forthwith.-- Salahudin Bin Wan Khairuzzaman Malaysia Computer Emergency Response Team (MyCERT) CyberSecurity Malaysia (An Agency Under MOSTI) Level 7, SAPURA@MINES, The MINES Resort City 43300 Seri Kembangan, Selangor Malaysia Main Line : +603 89926888 or 1-300-88-2999 Direct Line : +603 89926919 Fax : +603 89453442 Website : http://www.cybersecurity.org.my Website : http://www.mycert.org.myDisclaimer: “This email (and any attachment to it) is confidential and intended solely for the use of the individual or entity to whom it is addressed. CyberSecurity Malaysia assumes no liability whatsoever for the content of this email or for the consequences of actions taken based on such content unless it is subsequently confirmed in writing. Unintended recipients are notified that disclosing, copying or distributing of this email, or acting based on its contents, is strictly prohibited; and you are to immediately and permanently delete or destroy this email and notify the sender forthwith.- -- Salahudin Bin Wan Khairuzzaman Malaysia Computer Emergency Response Team (MyCERT) CyberSecurity Malaysia (An Agency Under MOSTI) Level 7, SAPURA@MINES, The MINES Resort City 43300 Seri Kembangan, Selangor Malaysia Main Line : +603 89926888 or 1-300-88-2999 Direct Line : +603 89926919 Fax : +603 89453442 Website : http://www.cybersecurity.org.my Website : http://www.mycert.org.my -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJNADliAAoJEAgHMNrD1PZ3V/MH/3QX7VskzuBGfsY+p5pOwUXD FFRjYL7RZskLGWdD06MhnlOW9aVz4SqaEA1Ml6qo3IB63H3+d3f7PD+8BWLcWHSV H1swyzTNLsGrpdbHFwXwokpHpWVYovW4waxm/P/P9usZLwk2m21sLY2VQhezkja/ ykdoK2eac+RbiEqTS5sNJVHPX8iGUTI6mnT4/DSp6JW0tPTx95HsQpxTi3LUW8bX TZ1r8q2mMm5e8G64JHwC/FAXm3Ep0voaDT6qfK0A9EJ9M49UAjRpLJGhSkzH1TUa 4b9+VXaJMkKQXxJWQsYL0mDAogpJAwgkxfV6RmsNCM3MR1/Jb71pUAfRpANuc3w= =LWfp -----END PGP SIGNATURE----- Disclaimer: “This email (and any attachment to it) is confidential and intended solely for the use of the individual or entity to whom it is addressed. CyberSecurity Malaysia assumes no liability whatsoever for the content of this email or for the consequences of actions taken based on such content unless it is subsequently confirmed in writing. Unintended recipients are notified that disclosing, copying or distributing of this email, or acting based on its contents, is strictly prohibited; and you are to immediately and permanently delete or destroy this email and notify the sender forthwith.
------------------------------------------------------------------------------ This SF Dev2Dev email is sponsored by: WikiLeaks The End of the Free Internet http://p.sf.net/sfu/therealnews-com _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel
Current thread:
- Snort preprocessor perfmonitor Andres Carrera Rivera (Dec 01)
- Re: Snort preprocessor perfmonitor Salahudin Wan Khairuzzaman (Dec 01)
- Re: Snort preprocessor perfmonitor Andres Carrera Rivera (Dec 01)
- Re: Snort preprocessor perfmonitor Salahudin Wan Khairuzzaman (Dec 01)
- Re: Snort preprocessor perfmonitor Andres Carrera Rivera (Dec 01)
- Re: Snort preprocessor perfmonitor Salahudin Wan Khairuzzaman (Dec 08)
- Re: Snort preprocessor perfmonitor Andres Carrera Rivera (Dec 08)
- Re: Snort preprocessor perfmonitor Salahudin Wan Khairuzzaman (Dec 08)
- Re: Snort preprocessor perfmonitor Andres Carrera Rivera (Dec 01)
- Re: Snort preprocessor perfmonitor Salahudin Wan Khairuzzaman (Dec 01)