[Snort-users] Snort and M$ Access?????

Daniel Holden dholden at ...2819...
Fri Feb 8 11:22:09 EST 2002


I feel for ya dude.  I also work with clueless people who seem to think our
budget is unlimited and the more you pay the better the solution.  These
were the same people who bought us HP Jetdirect print servers instead of
network printers (that we requested) and I'm sure they still don't know
about the multi-casts those print servers send out to HP's site.  Anyway,
enough venting...

What about linking tables from MySQL to Access via ODBC?  Probably not
secure enough for'em huh?



----- Original Message -----
From: "Graham, Randy (RAW) " <RAW at ...4721...>
To: <snort-users at lists.sourceforge.net>
Sent: Friday, February 08, 2002 10:58 AM
Subject: [Snort-users] Snort and M$ Access?????


> Sorry, but I'm forced to ask this...
>
> I have recently gotten Snort 1.8.3 running with mysql and ACID 0.9.6b19 on
a
> couple of RedHat 7.2 boxen (I know, Marty - I'm working on learning *BSD
> well enough to correct the error of my ways).  Everything is working
great,
> and I love it.  Today, the bosses come to me and ask if we can make Snort
> output to an Access database instead.  Knowing where this is going, I try
to
> fend it off by telling a little lie about what databases Snort supports
> (mysql and postgres only).  So, they ask about dumping the mysql database
> info into an Access file or flat text so Access can read it in.
Apparently,
> they want to store the data on our "more secure" Win2k server.  Keep in
mind
> that these are the same people who won't let me use open source software
> because someone might have compiled a trojan in to the source I'm
> downloading...
>
> Anyway, what I really need to know is, does there exist some tool that
will
> allow for "easy" (meaning little work for me, and I don't care how much
work
> for others) migration/transport of the mysql database info from my Linux
> machine to their Win2K box?  If so, does there exist a tool to pull that
> info back out in a usable format - something comparable to ACID or
> SnortSnarf?
>
> I don't even know what else to ask, because I'm still flat on my back from
> effectively being told that my Linux machine (which only has ssh and the
> stunnel connection for mysql input from other sensors open) is not as
secure
> as their Win2K machine (which acts as the department print and file
server,
> and had IIS running unbeknownst to our admin for 6+ months until we
> discovered it in a routine scan before Christmas).  As I understand more
> what the bosses want, I may be back with more questions.
>
> Oh yea, and I may be slightly biased against the M$ based solution, but if
> someone can show me a good way to do this with an M$ OS and an M$
database,
> I'll at least seriously consider it.
>
> Randy Graham
> --
> The Internet?  Bah!  Is that thing still around?  -- Homer Simpson
> http://www.securitynewbie.com/ - for people like me
>
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>





More information about the Snort-users mailing list