[Snort-devel] Snort-Snmp Upgrade

Glenn Mansfield Keeni glenn at ...486...
Thu Jan 17 01:48:02 EST 2002


Fyodor,

> There were a few talks wishing snmp to log arp mac addresses from p->eh
> header, if arp messages are logged.
Thanks. That has been done.
http://www.cysol.co.jp/contrib/snortsnmp/snortSnmpPlugin-01-1.8.3.tar.gz

> (also were a few coredumps because
> ip->iph, .. structs were not validated, but i guess I fixed those)...
> could be wrong ;-)
Got those checks in . Should be OK now.

Cheers

Glenn
>
> On Wed, Jan 16, 2002 at 11:16:28PM +0900, Glenn Mansfield Keeni wrote:
> > Marty,
> >       Hi ! A long overdue upgrade to the SnortSnmp plugin is ready.
> > It is available at
> >   http://www.cysol.co.jp/contrib/snortsnmp/snortSnmpPlugin-1.8.3.tar.gz
> >
> > The major changes are (details are in snort-1.8.3/ChangesSnmpTrap070102)
> >       - core dump when the trap receiver is not running is avoided
> >       - the fields of the alerts have been mapped to the latest
signature
> >          fields (impact, priority, classification,..)
> >       - scanStatus alert has been added this is mapped onto the portscan
> >          preprocessor alerts
> >       - other fields have been tuned
> >
> > A note has been added in the README to use "--with-snmp --with-openssl "
> > in case the compiler complains about missing libraries.
> >
> > It works fine with the latest snort release 1.8.3.
> >
> > Can you please do the needful.
> >
> > Cheers
> >
> > Glenn
> >
> >
> > _______________________________________________
> > Snort-devel mailing list
> > Snort-devel at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/snort-devel
>
> --
> http://www.notlsd.net
> PGP fingerprint = 56DD 1511 DDDA 56D7 99C7  B288 5CE5 A713 0969 A4D1
>





More information about the Snort-devel mailing list