[Snort-users] Basic questions about snort
jlewis at ...1831...
Sat Apr 14 23:38:07 EDT 2001
Are the snort boxes logging to a DB?
What are you using to get all the logged info together?
Are all the snort boxes configured like stand alone boxes and you monitor
each one individually?
What are you using to alert you to security breaches?
Are you using snort along with any other apps?
I would like to have all my boxes log to a single DB where I can run ACID
and maybe build a custom tool for viewing logs.
From: agetchel at ...1525... [mailto:agetchel at ...1525...]
Sent: Saturday, April 14, 2001 11:26 PM
To: jlewis at ...1831...
Cc: snort-users at lists.sourceforge.net
Subject: RE: [Snort-users] Basic questions about snort
> Has anyone deployed snort in an enterprise class network? If
> so, where did
> you go to help you get things working? I am looking to roll
> snort out and I
> don't want to reinvent the wheel. If there isn't one, I will
> document my
We're getting ready to roll out snort on our network, which is
'pretty big'. =) Unfortunately, I have not yet documented anything that I
can release to the world without releasing 'too much' information about our
internal network. However, I'm going to be writing a document explaining
our findings about Snort vs Other IDS's. I'll send a message to the list
with a link to the doc when it's done. In the mean time, do you have any
Abe L. Getchell - Security Engineer
Division of System Support Services
Kentucky Department of Education
E-mail agetchel at ...1525...
More information about the Snort-users