[Snort-users] Win32 Platform Suggestions

Michael Davis mike at ...92...
Fri Oct 6 23:46:36 EDT 2000


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

> The best feature this product brings to the table is it's ability
> to "watch" the program running as a service.  If the watched
> program fails FireDaemon will restart the program automatically.  

Service code will be in the next version of snort-win32. As a matter
of fact it is done and integrated, however,  I am having some
problems so it has not been released.  

> directories it handles such events as files change, addition or 
> removal.

I just wrote a utility that I will be releasing(Open Source) that
will read in a file and for each filename listed in the file it will
do an MD5 hash on the file every x minutes. If the hash changes then
the file has changed and an alarm should be generated.  The program
will just run an external application to process the alarm and
possibly do SNMP. Until this is released however I recommend using
the above application. It looks wonderful.

Michael Davis
Chief Technical Officer
Data Nerds, LLC.
http://www.datanerds.net

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOd6cm/iUqZ9dnoKsEQJuKQCg2FcF4Izr9NB88cmG/5smFaFDtCwAoJnS
NOtO3Stvmuu7pS+Q4o1SGQRN
=0mDI
-----END PGP SIGNATURE-----





More information about the Snort-users mailing list