[Snort-users] Snort + acid + mysql

Michael Miller michael.miller at ...9988...
Fri Apr 2 11:25:17 EST 2004


I've had some success with 'IDS policy manager'. It runs on Windows, and
cannot run with emulation under linux, but it still might be something you
should look at. http://www.activeworx.com/idspm/
<http://www.activeworx.com/idspm/>  

 

Further, there's also SnortCenter, but I haven't get it fully running, and
IDS policy manager does most of what I want. http://users.pandora.be/larc/
<http://users.pandora.be/larc/>  

 

  _____  

From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Nils Fragoso
Sent: Friday, April 02, 2004 10:38 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Snort + acid + mysql

 

Hi Guys,

 

I've setup Snort, PHP, Apache, Mysql and Acid  on a Linux (RH 9.0). I've
followed an installation manual wrote by Patrick Harper, that I found on
www.internetsecurityguru.com <http://www.internetsecurityguru.com/> , which,
by the way, is a very good guide.  Snort is running fine and I'm able to get
the "bad" packets.

But now I need to update the rules, what is the best way to do this? And how
can I do this?

How about to use Snort to stop the attacks? Is any way it can do this?

I'm not a Linux "super user", so please send me detailed instructions, if
you want to help me.

Thanks in advance.

 

Nils

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20040402/a4d3669c/attachment.html>


More information about the Snort-users mailing list