[Snort-users] snort + aris

Ron 'The InSaNe One' Rosson insane at ...321...
Sat May 12 18:09:51 EDT 2001


Ryan Russell (ryan at ...35...) wrote:
> Was the question regarding how to get Snort running, or how to get it to
> feed to ARIS?
> 
> 			Ryan
> 
> On Fri, 11 May 2001, Ron 'The InSaNe One' Rosson wrote:
> 
> > I am getting ready to reset up aris on my network but I am confused on
> > what my command line should be.
> >
> > Here is my basic setup:
> >
> > IDS system logging to a remote Database
> >
> > Command line for snort is:
> > /usr/local/bin/snort -D -d -c /etc/snort.rules
> >
> > Here is the output part of my  snort.rules file
> >
> > output database: alert, mysql, user=nobody dbname=snort host=postal
> >

I am looking for the proper command line to run with SNORT.

TIA

-- 
------------------------------------------------------------------------------
Ron Rosson          			      ... and a UNIX user said ...
The InSaNe One                 			      rm -rf *
insane at ...322...     	            and all was /dev/null and *void()
------------------------------------------------------------------------------
   If Bill Gates had a dime for every time a Windows box crashed...
                ...Oh, wait a minute, he already does.




More information about the Snort-users mailing list