[Snort-users] Basic questions about snort

Rich Smith Rich.Smith at ...1809...
Mon Apr 16 11:31:46 EDT 2001


What kind of bandwidth are you working with? Is it greater than 100Mb?

This makes a huge difference in you network architecture since your not
going to be able to get >200 Mb out of a single sensor.

-rs

> -----Original Message-----
> From: Jason Lewis [mailto:jlewis at ...1831...]
> Sent: Saturday, April 14, 2001 11:38 PM
> To: agetchel at ...1525...
> Cc: snort-users at lists.sourceforge.net
> Subject: RE: [Snort-users] Basic questions about snort
> 
> 
> Are the snort boxes logging to a DB?
> 
> What are you using to get all the logged info together?
> 
> Are all the snort boxes configured like stand alone boxes and 
> you monitor
> each one individually?
> 
> What are you using to alert you to security breaches?
> 
> Are you using snort along with any other apps?
> 
> I would like to have all my boxes log to a single DB where I 
> can run ACID
> and  maybe build a custom tool for viewing logs.
> 
> -----Original Message-----
> From: agetchel at ...1525... [mailto:agetchel at ...1525...]
> Sent: Saturday, April 14, 2001 11:26 PM
> To: jlewis at ...1831...
> Cc: snort-users at lists.sourceforge.net
> Subject: RE: [Snort-users] Basic questions about snort
> 
> 
> > Has anyone deployed snort in an enterprise class network?  If
> > so, where did
> > you go to help you get things working?  I am looking to roll
> > snort out and I
> > don't want to reinvent the wheel.  If there isn't one, I will
> > document my
> > experience.
> 
> 	We're getting ready to roll out snort on our network, which is
> 'pretty big'. =)  Unfortunately, I have not yet documented 
> anything that I
> can release to the world without releasing 'too much' 
> information about our
> internal network.  However, I'm going to be writing a 
> document explaining
> our findings about Snort vs Other IDS's.  I'll send a message 
> to the list
> with a link to the doc when it's done.  In the mean time, do 
> you have any
> specific questions?
> 
> Thanks,
> Abe
> 
> Abe L. Getchell - Security Engineer
> Division of System Support Services
> Kentucky Department of Education
> Voice   502-564-2020x225
> E-mail  agetchel at ...1525...
> Web     http://www.kde.state.ky.us/
> 
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 




More information about the Snort-users mailing list