[Snort-devel] Snort-Snmp Upgrade
Glenn Mansfield Keeni
glenn at ...486...
Thu Jan 17 01:48:02 EST 2002
> There were a few talks wishing snmp to log arp mac addresses from p->eh
> header, if arp messages are logged.
Thanks. That has been done.
> (also were a few coredumps because
> ip->iph, .. structs were not validated, but i guess I fixed those)...
> could be wrong ;-)
Got those checks in . Should be OK now.
> On Wed, Jan 16, 2002 at 11:16:28PM +0900, Glenn Mansfield Keeni wrote:
> > Marty,
> > Hi ! A long overdue upgrade to the SnortSnmp plugin is ready.
> > It is available at
> > http://www.cysol.co.jp/contrib/snortsnmp/snortSnmpPlugin-1.8.3.tar.gz
> > The major changes are (details are in snort-1.8.3/ChangesSnmpTrap070102)
> > - core dump when the trap receiver is not running is avoided
> > - the fields of the alerts have been mapped to the latest
> > fields (impact, priority, classification,..)
> > - scanStatus alert has been added this is mapped onto the portscan
> > preprocessor alerts
> > - other fields have been tuned
> > A note has been added in the README to use "--with-snmp --with-openssl "
> > in case the compiler complains about missing libraries.
> > It works fine with the latest snort release 1.8.3.
> > Can you please do the needful.
> > Cheers
> > Glenn
> > _______________________________________________
> > Snort-devel mailing list
> > Snort-devel at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/snort-devel
> PGP fingerprint = 56DD 1511 DDDA 56D7 99C7 B288 5CE5 A713 0969 A4D1
More information about the Snort-devel