[Snort-users] center alert

Joe McAlerney joey at ...47...
Mon Mar 11 19:27:02 EST 2002


Hi Loong,

You're going to have to look into the documentation there buddy.  Both
ACID and Demarc are well documented, and provide a number of user
configurable options to satisfy your needs.  After you decide on what to
do, and start setting your infrastructure up you may run into a few
problems.  If this happens, post back with some specific questions, and
I'm sure they'll get answered on this list.

There are also complete walkthroughs available on different websites
including Snort.org and SiliconDefense.com.  I know others have posted
theirs on this list before.  You may want to search the archive using
the keyword "walkthrough".

Hope this helps,

-Joe M.

-- 
Joe McAlerney
Software Developer / Security Consultant
joey at ...47...
Silicon Defense: IDS Solutions -=- http://www.silicondefense.com/

loong wrote:
> 
> hi
> 
> thanks for reply
> 
> i not sure how it work,  the 5 snort is in different place ,
> how can i monitor the alert in my office pc,
> can i collect all the alert mail from mail the store in the database  ,
> and can i online view from my pc when there is alert mail come in ?
> 
> thanks
> 
> Loong
> 
> ----- Original Message -----
> From: "Joe McAlerney" <joey at ...47...>
> To: "loong" <loong at ...5287...>
> Cc: <snort-users at lists.sourceforge.net>
> Sent: Tuesday, March 12, 2002 6:44 AM
> Subject: Re: [Snort-users] center alert
> 
> > Hi loong,
> >
> > You may want to take a look at ACID, which allows you to monitor alerts
> > from several machines by interfacing with a single database.  Demarc's
> > PureSecure should suit your needs as well.  It provides additional
> > functionality, such as rule management and detailed sensor statistics.
> >
> > ACID  : http://acidlab.sourceforge.net/
> > DEMARC: http://www.demarc.com/
> >
> > Happy Snorting!
> >
> > -Joe M.
> >
> > --
> > Joe McAlerney
> > Software Developer / Security Consultant
> > joey at ...47...
> > Silicon Defense: IDS Solutions -=- http://www.silicondefense.com/
> >
> > > loong wrote:
> > >
> > > hi
> > >
> > > i have 5 snort install on different location and building
> > > and it send alert mail to my email address
> > >
> > > is there anywhere i can collect it to centre and console it online ?
> > >
> > > any site recommend ?
> > >
> > > loong
> > >
> > >
> >
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list