[Snort-users] alert file
yoda at ...7272...
Thu Oct 24 06:57:12 EDT 2002
On Thu, 2002-10-24 at 02:58, Alberto Gonzalez wrote:
> Ok, not to be harsh, but you SOUND really new.
Well I am really new to this :)
> 1. Learn everything you can about snort, its functions, option and plugins
> - I recommend reading the Snort Users Manual
> 2. Familarize yourself with TCP/IP
> - I recommend reading "TCP/IP Illustrated Vol 1" By R. Stevens
Will check ebay for this.
> 3. If snort gives you an alert, it also gives you a "reference", go read
> about that specific attack.
> 4. Use google. (this is your best friend).
> And to your question, access_log is pertaining to apache. I suggest also
> reading about what your using. Looks to me
> your just running default installs of things.
Yah some things are pretty much default installs.
> I see you mentioned debian, im almost positive you used its package
> system. Try grabbing the lastest stable
I am running the latest Debian unstable release.
> or grabbing it via snapshots/ directory. Rolling Your Own is the best
> method for a new snort user.
Ok. Hope it will compile ok :)
> And read my signature(below) and apply that to _EVERYTHING_ ;-)
More information about the Snort-users