[Snort-users] Logging to a central database

Michael Boman michael at ...1290...
Thu Apr 26 10:18:29 EDT 2001


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thursday 26 April 2001 21:28, Ed Padin wrote:
> Hi,
>
> I'm trying to have a central database for all snort data. I've set up
> postgress and can get snort running on the local machine to log alerts and
> packet paylogs to the snort database. I know want to get the data from my
> remote nodes. Because of our security policies, it's more feasible for me
> to transfer the data via secure file copy rather than doing a remote
> database client. 

[snip]

> I appreciate any help anyone can offer.

Question: Why not create a SSH tunnel between your client node to the central 
database server? Then you can use direct DB connection but yet keep the 
information encrypted between the remote node and the central database server.

Best regards
 Michael Boman

- -- 
"eLINUX  ---  Enabling the Net Economy on Linux"
- ----------------------------------------------------------
Michael Boman                   eLinux Pte Ltd
LPIC-1                          http://www.elinux.com.sg
Technical Consultant            Tel:    (65)  227 6180
michael at ...1290...           Fax:    (65)  227 5808
- ----------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE66C46pR7+eg93EEMRAn+8AJ0SZgiGmfrnFTrs0W3JSJm0zmivGwCferi7
JWFQt7CdrNLjXMMzkNTIYfc=
=l+HS
-----END PGP SIGNATURE-----




More information about the Snort-users mailing list