[Snort-users] barnyard (Payload)
alrayworld at ...131...
Tue Oct 15 05:38:03 EDT 2002
Sorry I'm busy this week and I just open my email.
in my snort.conf
output aler_unified: filename snort.alert, limit 128
config hostname: snorthost
config interface: fxp0
config filter: not port 22
output alert_acid_db: mysql, sensor_id 1, database
snort, server localhost, user usnort, password loghog
I'm new with barnyard. Thanks in Advance for your
Your brother in snort
--- Martin Roesch <roesch at ...1935...> wrote:
> Which unified output option are you guys using?
> On 10/1/02 8:57 AM, "Alwin Raymundo"
> <alrayworld at ...131...> wrote:
> > Hi Ron,
> > Yap to me the payload is very important. for my
> > opinion. we know that somebody trying to do some
> > nasty thing to our server but how?
> > without the payload its look like I shooting in
> > dark.
> > Thanks
> > --- Ron Shuck <rshuck at ...6736...> wrote:
> >> Hey Alwin,
> >> I found the same results. I haven't heard if
> >> are plans to include
> >> this, or if it should work and we just missed
> >> something.
> >> Ron Shuck, CISSP - Managing Consultant
> >> Buchanan Associates - A Technology Company in the
> >> People Business
> >> http://www.buchanan.com
> >> http://www.isc2.org
> >> ---original message---
> >> Date: Mon, 30 Sep 2002 11:36:39 -0700 (PDT)
> >> From: Alwin Raymundo <alrayworld at ...131...>
> >> To: user snort
> <snort-users at lists.sourceforge.net>
> >> Subject: [Snort-users] barnyard (Payload)
> >> Hi Everybody,
> >> I don't know if this is already posted in
> >> discussion and this morning I just setup the
> >> barnyard.
> >> I like it because it fast to log all packets in
> >> mysql and acid but I notice there is no payload.
> >> Is this normal? is there in another way to get
> >> payload?.
> >> Any help would be appreciated.
> >> Thanks in advance.
> >> ATTACHMENT part 2 application/x-pkcs7-signature
> > name=smime.p7s
> > =====
> > Alwin Raymundo
> > __________________________________________________
> > Do you Yahoo!?
> > New DSL Internet Access from SBC & Yahoo!
> > http://sbc.yahoo.com
> > This sf.net email is sponsored by: DEDICATED
> SERVERS only $89!
> > Linux or FreeBSD, FREE setup, FAST network. Get
> your own server
> > today at http://www.ServePath.com/indexfm.htm
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or
> > Snort-users list archive:
> Martin Roesch - Founder/CTO Sourcefire Inc. - (410)
> Sourcefire: Professional Snort Sensor and Management
> Console appliances
> roesch at ...1935... - http://www.sourcefire.com
> Snort: Open Source Network IDS -
> This sf.net email is sponsored by: DEDICATED SERVERS
> only $89!
> Linux or FreeBSD, FREE setup, FAST network. Get your
> own server
> today at http://www.ServePath.com/indexfm.htm
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or
> Snort-users list archive:
Do you Yahoo!?
New DSL Internet Access from SBC & Yahoo!
More information about the Snort-users