[Snort-devel] Snort-Snmp Upgrade

Glenn Mansfield Keeni glenn at ...486...
Wed Jan 16 06:30:05 EST 2002


Marty,
      Hi ! A long overdue upgrade to the SnortSnmp plugin is ready.
It is available at 
  http://www.cysol.co.jp/contrib/snortsnmp/snortSnmpPlugin-1.8.3.tar.gz
 
The major changes are (details are in snort-1.8.3/ChangesSnmpTrap070102)
      - core dump when the trap receiver is not running is avoided
      - the fields of the alerts have been mapped to the latest signature
         fields (impact, priority, classification,..)
      - scanStatus alert has been added this is mapped onto the portscan
         preprocessor alerts
      - other fields have been tuned 

A note has been added in the README to use "--with-snmp --with-openssl "
in case the compiler complains about missing libraries.

It works fine with the latest snort release 1.8.3. 

Can you please do the needful.

Cheers

Glenn





More information about the Snort-devel mailing list