[Snort-users] New to the lists and snort

Ricardo, Gerson gricardo at ...8098...
Thu Jan 30 12:02:34 EST 2003


You can always use snortcenter to setup and rapidly configure/re-deploy snort agents using multiple rulesets.  As an added bonus, remote agents communicate via SSL to the primary host allowing for an expansive IDS system. ( http://users.pandora.be/larc/ )

gerson j. ricardo 
network engineer 
Gables Engineering, Inc. 


-----Original Message-----
From: Snow Jacob C KPWA [mailto:JacobSC at ...160...]
Sent: Thursday, January 30, 2003 2:36 PM
To: 'snort-users at lists.sourceforge.net'
Subject: [Snort-users] New to the lists and snort


I am new to this list as well as to snort.  I am taking over an NIDS from someone that currently had it up and running.  Currently we have taken it down to ensure that it is secure since he left and has passwords.  We currently have a system that is running on Linux 7.3 with a MySQL database backend that is used to consolidate the hits (on a different machine) and APACHE and ACID for viewing and administration.  We would like to add a second sensor and have all of the hits or detections consolidated into the one SQL database for analysis and report generation.  I have a couple of questions regarding this issue first and foremost is it possible to accomplish all of this using a windows-based version of snort and what do I need to do to add another sensor to the system.
Any help is greatly appreciated, and thanx in advance. 
Thank you, 
Jacob Snow 
jacobsc at ...160... 
(360)315-3487 
NAVSEA Intern 




More information about the Snort-users mailing list