[Snort-users] Remote NT 2000 logging

Martin Roesch roesch at ...421...
Wed Oct 25 01:35:17 EDT 2000


There was a release of netcat with built-in twofish encryption lately (from
http://www.farm9.com/News/Free_Tools/Cryptcat) that allows you to do point to
point encryption of the data in transit.  Pretty nifty...

    -Marty


"Robert E. Leever" wrote:
> 
> you could probably adapt netcat
> [the hacker's friend] to send the
> snort output into netcat on the NT
> to a netcat listener on another {unix, linix, etc}
> system and pipe that into the syslog
> there.  netcat is cheap. {like free}
> small and pretty efficient.  runs in either tcp
> or udp too.
> 
> I've tested netcat on
> solaris 2.4 & 2.6 but not NT.  If you do something
> like this you need to put in startup scripts so it
> comes up automagically at boot time on all of the
> platforms.
> 
> 'Course, you gotta wonder about putting such a
> powerful hacker tool on your systems.  (c:
> 
> ----snip-----
> 
> Netcat and the associated package is a product of Avian Research, and is freely
> available in full source form with no restrictions save an obligation to give
> credit where due.  Get it via anonymous FTP at avian.org:/src/hacks/nc110.tgz
> which is a gzipped tar file and not to be confused with its version 1.00
> precursor, nc100.tgz.  Other distribution formats can be accomodated upon
> request.  Netcat is also mirrored at the following [faster] sites:
> 
>         zippy.telcom.arizona.edu:/pub/mirrors/avian.org/hacks/nc110.tgz
>         ftp.sterling.com:/mirrors/avian.org/src/hacks/nc110.tgz
>         coast.cs.purdue.edu:/pub/tools/unix/netcat/nc110.tgz
>         ftp.rge.com:/pub/security/coast/mirrors/avian.org/netcat/nc110.tgz
> 
> b;)
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> http://lists.sourceforge.net/mailman/listinfo/snort-users

-- 
Martin Roesch
roesch at ...421...
http://www.snort.org



More information about the Snort-users mailing list