[Snort-users] SMB alerts
Jason.Haar at ...294...
Fri Aug 13 17:16:37 EDT 2004
On Fri, Aug 13, 2004 at 06:20:51PM -0500, Frank Knobbe wrote:
> On Fri, 2004-08-13 at 18:02, Jason Haar wrote:
> > Seriously, it is. Why SMB and yet no SMTP? What about Jabber support?
> Actually, we are piping Snort alerts into a secure IRC channel (#alerts
..and I wasn't joking about the Jabber support - our alerting system allows
injecting different Snort alerts into different Jabber Rooms on our Jabber
server :-) Sort of an "informal" notification list for those who might want
to "peak in" once and a while.
> But we do that offline, not as an output-plugin (although that thought
> had crossed my mind ;)
We trigger everything off syslog - so the Snort syslog output is essential.
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
More information about the Snort-users