[Snort-users] Win32 Port and Syslog

Michael Davis mike at ...92...
Thu Nov 23 22:50:28 EST 2000


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ok, I added Remote syslog server support into snort.

Before I release it I have a few questions for the people who will be
using it.

Right now I have the configuration like the following:
snort -s IP_OF_SYSLOG_SERVER:PORT

Now, should the PORT be the port the REMOTE syslog server listens on
OR the port that the UDP packet that is sent to the remote syslog
server has?

I ask this because you can setup your remote syslog server to only
take UDP packets from a certain host and certain port.

Soon as I get this answered I will release the win32 update.

Michael Davis
Chief Technical Officer
Data Nerds, LLC.
http://www.datanerds.net

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOh3le/iUqZ9dnoKsEQKSOQCgsn/ppIKEVnLx359pu63pO0aehRgAn0la
QViTo0ejlrlJDGduHl8VhioP
=y5xB
-----END PGP SIGNATURE-----





More information about the Snort-users mailing list