[Snort-users] Snort front ends

jas at ...6072... jas at ...6072...
Thu Jun 13 08:07:07 EDT 2002


Snortsnarf is what I used before.  The main thing I like about having an SQL
back end is that low, slow scans might be recognizable and it's possible to
keep history around and more available almost indefinitely.

-----Original Message-----
From: Anthony Scott [mailto:ascott at ...6076...]
Sent: Thursday, June 13, 2002 10:33 AM
To: jas at ...6072...
Subject: RE: [Snort-users] Snort front ends


SnortSnarf is nice also... very easy to implement. Works with *nix and
Windows.
Find it here:
http://www.silicondefense.com/software/snortsnarf/index.htm



-----Original Message-----
From: jas at ...6072... [mailto:jas at ...6072...]
Sent: Thursday, June 13, 2002 9:05 AM
To: Snort-Users at ...1973... Sourceforge. Net
Subject: RE: [Snort-users] Snort front ends


Very cool!  That's perfect.  That's just about perfect!  I only have one
sensor box (public (read-only) and private ports).  Thanks!!

Thanks to Steven Scott for putting the document together!

-----Original Message-----
From: Kristopher Czachor [mailto:czachor at ...5935...]
Sent: Thursday, June 13, 2002 9:42 AM
To: jas at ...6072...
Subject: RE: [Snort-users] Snort front ends


I'm using Snort + MySQL + ACID for monitoring my network and it's pretty
straight forward to use and implement. One of the users on this list
wrote some nice documentation on how he got the ACID set up and working.
You can find the documentation at http://home.earthlink.net/~sjscott007/
. Although I didn't use this documentation, I did look it over and it
seemed pretty through. Of course, I'm assuming that you're going to be
using the Linux distribution. I'm not using the windows so if you're
planning on using that that particular document won't apply.

HTH,
Kris

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of
jas at ...6072...
Sent: Wednesday, June 12, 2002 11:09 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Snort front ends

I've gotten seriously out of the loop on Snort for awhile.  I use it
pretty
often but it's installed in the "dump to syslog" mode and then the
syslog
file is monitored.

What's the latest on a web-based front-end?  I'm putting a box in place
and
would like a nice graphical front end.  How big a deal is getting Snort
and
MySQL running?  I have 1.8.6 running.


_______________________________________________________________

Sponsored by:
ThinkGeek at http://www.ThinkGeek.com/
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -
http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink

_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users





More information about the Snort-users mailing list