Snort mailing list archives
What makes a complete IDS package?
From: James Lay <jlay () slave-tothe-box net>
Date: Fri, 18 Mar 2011 06:38:06 -0600
So..topic says it all. We all know Snort in and of itself isn't what saya CEO would call a complete IDS package. That being said, what addons are really required, to you, to make it so? As much as I loath the LAMP environment, it seems like that's pretty much the only option if you want reporting. I'm currently using snortalog (modified since it's old) from syslog, and oinkmasterwhat else is there besides LAMP above? I know there's barnyard2 for piping unified to mysql, but to be honest, the less processes I have running on my IDS, the better in my mind. Can anyone add to my list below? Thanks for anything you can add. Reporting: LAMP, Barnyard2 & Base Sguil Snorby Rules management: Oinkmaster Pulled pork
------------------------------------------------------------------------------ Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- What makes a complete IDS package? James Lay (Mar 18)
- Re: What makes a complete IDS package? Jefferson, Shawn (Mar 18)
- Re: What makes a complete IDS package? Joel Esler (Mar 18)
- Re: What makes a complete IDS package? James Lay (Mar 19)
- Re: What makes a complete IDS package? Joel Esler (Mar 19)
- Re: What makes a complete IDS package? Martin Holste (Mar 21)
- Re: What makes a complete IDS package? Joel Esler (Mar 21)
- Re: What makes a complete IDS package? Jefferson, Shawn (Mar 21)
- Re: What makes a complete IDS package? Joel Esler (Mar 21)
- Re: What makes a complete IDS package? James Lay (Mar 19)