[Snort-users] stripped-down snort/mysql for newbie

twig les twigles at ...131...
Fri Jul 26 09:39:07 EDT 2002


Since we don't have a whole lotta alerts we just use
syslog and it saves us a buncha headaches.  Now we can
sift thru Cisco and Sun logs, then cd over the snort
directory.  Simple (but won't scale well).

--- Erek Adams <erek at ...577...> wrote:
> On Thu, 25 Jul 2002, joe van wrote:
> 
> > Hello, all.  I got the IDS R&D project at work and
> I figured that the pig
> > was just as good as any commercial distribution
> w/o having to spend 20
> > large.
> >
> > I'm trying to get Snort installed/configured on a
> pair of pc's running RH
> > 7.2 Linux.  Now, I know there is an installation
> guide for RH 7.2 in the
> > Snort docs, but I think it might be getting in the
> way of my basic
> > understanding of what Snort does.  I just wanna
> set up the sensor on one
> > machine, the mysql db on the other, and that's it.
> >
> > I'd love to add in some of the other bells n'
> whistles ...later.  Now I just
> > wanna see how the basic product works w/o the
> Acid, webmin, apache, and so
> > on.
> >
> > Is there a doc for such a stripped-down install,
> or can I merely disregard
> > all the references to the other goodies in the
> doc?
> 
> Joe,
> 
> 	If you aren't using a 'frontend' like ACID, the
> mysql might be a bit
> of overkill.  Esp. if you're just doing testing. 
> You might want to consider
> just installing snort and checking out the log files
> instead of logging to a
> db.  I'm just a big fan of the Keep it Simple
> school.  :)
> 
> 	Cheers!
> 
> -----
> Erek Adams
> Nifty-Type-Guy
> TheAdamsFamily.Net
> 
> 
> 
>
-------------------------------------------------------
> This sf.net email is sponsored by: Jabber - The
> world's fastest growing 
> real-time communications platform! Don't just IM.
> Build it in! 
> http://www.jabber.com/osdn/xim
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or
> unsubscribe:
>
https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
>
http://www.geocrawler.com/redir-sf.php3?list=snort-users


=====
-----------------------------------------------------------
All warfare is based on deception.
-----------------------------------------------------------

__________________________________________________
Do You Yahoo!?
Yahoo! Health - Feel better, live better
http://health.yahoo.com




More information about the Snort-users mailing list