[Snort-users] Snort setting
jo.cam at ...6346...
Fri Aug 23 17:04:05 EDT 2002
Thanks for your answer.
I installed my first sensor and its seem work fine. I used
the snort+mysql package which came with my linux
My configuration is:
- Linux 2.4 (Mandrake distrib ver 8.2)
- Snort ver 1.8.4
- ACID ver 0.9.6b20
- MySQL Ver 11.15 distrib 3.23.47
I cant specified the sensor name in snort.conf. When I
lunch IE on my Win95 WS, I see that the sensor name is the
IP address of the network interface of my linux WS.
There are some problems with email alerts.
I created one alert group and one alert email in Alert
Group Maintenance. After viewing alerts, when I try to send
email alert, by putting my email address, ACID return the
message Successful EXPORT-full- on xx alert(s) in xx
blobs but I cant receive mail.
In php.ini file, I left the default configuration for UNIX
machine (sendmail t) and, for the win machine, I set up
the SMTP server (with the name of our smtp server) and my
Have you got more information for using the email alerts
For the others setting, I just downloading Andrea Barisani
document which describe an approach for setting up and
maintaining multiple Snort sensor. I hope this document
could help me. You will find it at
----- Original Message -----
From: "jo cam"
Sent: Wednesday, July 17, 2002 12:16 PM
Subject: [Snort-users] Snort setting
I want to use snort and MySQL in the following
- the first snort sensor on linux station. The database
MySQL also running on this sensor
- the second sensor on Win 95
- the third sensor on Win NT.
1. What is the sensor name ?
2. On Win95 and WinNT stations, is that necessary to have
MySQL client installed ?
3. In each station how can i setup the output module part
of snort.conf ?
Envoyez des messages musicaux sur le portable de vos amis
More information about the Snort-users