[Snort-users] ACID 0.9.5 Released

Kevin.Brown at ...1022... Kevin.Brown at ...1022...
Fri Jan 19 12:21:12 EST 2001


> I take your message as an opportunity to ask if there is space in this
> mailing-list for discussion about daily usage of  ACID. I use it since a month
> and surely am one of your most enthoustiastic fan(s) in France !! :-)
> 
> More seriously, I would like to expand the usage of ACID sensors to build a
> Distributed IDS for a large network (with a lot of that f*!#@* things called
> switches !! :-)).
> 
> Does anyone here have some experience of that ?

That is essentially what I'm trying to set up on my network.  Basically use
the fact that snort can log it's alerts to a remote SQL server and just have
all the servers send their data there.  The problem I've encountered with this
is that I can get snort to log to a local db (on the same host), but for the
life of me can't figure out why the remote machine is refusing the connection.





More information about the Snort-users mailing list