[Snort-users] Snort + LCD display

Alejandro Flores alejandro.flores at ...4218...
Mon Jul 28 06:11:07 EDT 2003


	Hello,

	You could write a little progie to read from a unix socket and
configure snort to write alerts to /dev/snort. Snort supports UNIX
socket loggin (experimental), with -A unsock.
	Maybe you could modify the spo_alert_unixsock.c or write another output
plugin to write to a socket. Also create a server to listen for
connections from this output plugin.
	Output the signature name, source ip and destination ip.

See ya!


> Hi,
> I have some interesting idea - I want to connect LCD display (simple 
> alphanumeric LCD based on hd44780 chip) to my server and use Snort to 
> display security alerts on it. I'm planning use LCDproc server for 
> controling the LCD and write my own programm (I prefer C++) to 
> communicate between Snort and LCDproc.
> 
> But I don't know how to implement the communication method. Firstly I 
> wanted to processing Snort log files by my program and display alerts on 
> LCD, but this program has to check log files every (in example) 1 
> minute. Is there any method to display alerts on-the-fly (without 
> checking log files or database every X minutes)?
> What Snort output system  will be the best in this case (I prefer 
> displaying alerts immediately)?
> Maybe any other solutions? Please help.
> 
> Thanks in advance for any suggestions
> 
> Best regards
> 
> 
> 
> -------------------------------------------------------
> This SF.Net email sponsored by: Free pre-built ASP.NET sites including
> Data Reports, E-commerce, Portals, and Forums are available now.
> Download today and enter to win an XBOX or Visual Studio .NET.
> http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users





More information about the Snort-users mailing list