[Snort-users] (no subject)

Jim Burnes jburnes at ...75...
Wed Jul 19 13:12:39 EDT 2000


Marty et al:

Were trying to implement a few additions to snort here at Savvis.

(1) Sending alerts via SNMP to our Enterprise monitoring/logging DB.
(2) Squelching the noice to only look for what we want
(3) Assign some severity level to the events for SNMP
(4) Be able to easily indicate a list of internal subnets which 
    should be ignored if you see traffic flowing between them.
   (right now I have this implemented via a BPF pre-filter, but
   there must be a more elegant method.  The BPF filter gets a little
   complicated.)

jim burnes

--
Sometimes it is said that man can not be trusted with the government of
himself. Can he, then, be trusted with the government of others? Or have we
found angels in the forms of kings to govern him? Let history answer this
question.	-- Thomas Jefferson, 1st Inaugural





More information about the Snort-users mailing list