[Snort-users] [Fwd: [Fwd: Re: Snort-snmp for snort-2.0.0]]

Jose Vicente Nunez Z josevnz at ...7052...
Tue May 27 06:02:03 EDT 2003


These are very good news indeed!.

Thank you very much for your support.

JV.

On Tue, 2003-05-27 at 07:29, Glenn Mansfield Keeni wrote:
> Hi Folks,
>       Sincere apologies for the delay in getting this
> thing out. The SnortSnmp module compatible with
> snort-2.0.0 is ready. I have tried it on the following
> platforms
>        Solaris[ucd-snmp-4.2.*],
>        FreeBSD[ucd-snmp-4.2.* and net-snmp-5.0.*]
>        Linux  [net-snmp-5.0.*].
> It seems to be working without problems.
> 
> The software is available from
> http://www.cysol.co.jp/contrib/snortsnmp/SnortSnmp-2.0.0-01.gz
> 
> Let me know if there are problems.
> 
> Thanks and Cheers
> 
>         Glenn
> 
> 
> PS.
> Excerpts from README.SNMP
> 
> Introduction.
>       The snortSnmpPlugin enables snort to send snmp alerts to network
>       managemement systems (NMS). The alerts can be traps (the alert will
>       not be acknowledged by the receiver) or informs (the alert will be
>       acknowledged by the receiver ).
>       This adds significant power to the NMS by allowing it to monitor the
>       security of the network. It also allows the snort sensor to exploit
>       the features that are built into existing network management systems.
> 
> Requirements:
>       The plugin requires the net-snmp (or ucd-snmp) libraries and header files.
> 
>       You will need to download and install the net-snmp (ucd-snmp)
>       package before you try to install this plugin. The package can be
>       downloaded from http://net-snmp.sourceforge.net/
> 
>       You will need the latest snort source distribution.
> 
> Activation Steps:
> 
>        NOTE: That the MIB files in the etc directory
>              etc/SnortCommonMIB.txt
>              etc/SnortIDAlertMIB.txt
> 
>          need to be referred to by snmp applications.
> 
>              [Otherwise the OID-to-name translation will not take place]
>              refer to the snmpcmd manpages [do 'man snmpcmd'] for further details.
> 
> 
>     0. Build the Snmp enabled snort package.
>        DownLoad the SnortSnmpModule.
>        uncompress and untar - it will contain
>              README.SNMP                    -- This file
>              SnortSnmpPatch-<Version>.gz.   -- Patch to build the Snmp enabled snort
> 
>        In the Snort home directory  (this is where snort is gunzipped and untarred)
>        apply the patch SnortSnmpPatch e.g.
> 
>              zcat SnortSnmpPatch-2.0-01.gz | patch -c
> 
>        This will update the following files
>              configure.in
>              Makefile.am
>              src/plugbase.c
>              etc/snort.conf
>        It will create the following files
>              doc/README.SNMP
>              etc/SnortCommonMIB.txt
>              etc/SnortIDAlertMIB.txt
>              src/output-plugins/spo_SnmpTrap.c
>              src/output-plugins/spo_SnmpTrap.h
> 
>     1. follow the usual steps to build the package
> 
>              ./configure --with-snmp --with-openssl
>              make
>              su
>              make install
> 
> ....
> ....
> 
> 
> 
> 
> 
> 
> 
> 
> -------------------------------------------------------
> This SF.net email is sponsored by: ObjectStore.
> If flattening out C++ or Java code to make your application fit in a
> relational database is painful, don't do it! Check out ObjectStore.
> Now part of Progress Software. http://www.objectstore.net/sourceforge
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- 
Jose Vicente Nunez Zuleta (josevnz at newbreak dot com)
Newbreak LLC System Administrator
http://www.newbreak.com
RHCE, SCJD, SCJP





More information about the Snort-users mailing list