[Snort-users] Snort + LCD display
alejandro.flores at ...4218...
Mon Jul 28 06:11:07 EDT 2003
You could write a little progie to read from a unix socket and
configure snort to write alerts to /dev/snort. Snort supports UNIX
socket loggin (experimental), with -A unsock.
Maybe you could modify the spo_alert_unixsock.c or write another output
plugin to write to a socket. Also create a server to listen for
connections from this output plugin.
Output the signature name, source ip and destination ip.
> I have some interesting idea - I want to connect LCD display (simple
> alphanumeric LCD based on hd44780 chip) to my server and use Snort to
> display security alerts on it. I'm planning use LCDproc server for
> controling the LCD and write my own programm (I prefer C++) to
> communicate between Snort and LCDproc.
> But I don't know how to implement the communication method. Firstly I
> wanted to processing Snort log files by my program and display alerts on
> LCD, but this program has to check log files every (in example) 1
> minute. Is there any method to display alerts on-the-fly (without
> checking log files or database every X minutes)?
> What Snort output system will be the best in this case (I prefer
> displaying alerts immediately)?
> Maybe any other solutions? Please help.
> Thanks in advance for any suggestions
> Best regards
> This SF.Net email sponsored by: Free pre-built ASP.NET sites including
> Data Reports, E-commerce, Portals, and Forums are available now.
> Download today and enter to win an XBOX or Visual Studio .NET.
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
More information about the Snort-users