[Snort-users] Integrate Snort with Remedy, Anyone Please???

Owen McCusker mccusker at ...10962...
Thu Feb 12 09:37:04 EST 2004


I would put some type of "air-gap" somewhere in the
overall security operations of your ticket system.

During DOS exploits you may be generating lots of ticks,
auto-ticket generator.

Maybe use ACID alert capabilities, and wrap the creation
of an alert group with the creation of a ticket
in your Trouble Ticket System.

Owen


>All,
>My snort IDS on Solaris 8 has been running more
>stable, and in better control now.
>
>I'm thinking of integrating Snort alerts with Trouble
>Ticket Systems - specifically Remedy, in order to be
>monitored together with other type of tickets, and be
>tracked the progress of resolving issues detected by
>Snort.
>
>Has anyone done the similar things, or know better to
>offer any suggestions/comments/places to look further
>PLEASE?
>
>I will share my results if I can make progress on this
>one.
>
>Thank you in advance!
>Snortlover.
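Added illustration of the suggestion in the reply above (not part of the original thread, and not code from Snort, ACID or Remedy): alerts are collapsed into groups, one ticket is opened per group, and a cap holds further groups for an analyst so a flood cannot fill the ticket queue. Assumptions: Snort "fast" alert lines with IPv4 addresses, a grouping key of (sid, destination host), a hypothetical create_ticket callback standing in for the ticket system, and the cap as one reading of the "air-gap".

```python
import re
from collections import OrderedDict

# Snort "fast" alert line: timestamp [**] [gid:sid:rev] msg [**] ... {PROTO} src -> dst
ALERT_RE = re.compile(
    r"^(?P<ts>\S+)\s+\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\].*?\{(?P<proto>\w+)\}\s+"
    r"(?P<src>\S+)\s+->\s+(?P<dst>\S+)$")

_FMT = ("02/12-09:37:0{n}.000000  [**] [1:{sid}:1] {msg} [**] "
        "[Classification: Misc activity] [Priority: 2] {{TCP}} {src}:4000{n} -> {dst}:80")
SAMPLE = [  # constructed alert lines, not real traffic
    _FMT.format(n=0, sid=1000001, msg="EXAMPLE flood", src="203.0.113.5", dst="192.0.2.10"),
    _FMT.format(n=1, sid=1000001, msg="EXAMPLE flood", src="203.0.113.6", dst="192.0.2.10"),
    _FMT.format(n=2, sid=1000001, msg="EXAMPLE flood", src="203.0.113.7", dst="192.0.2.10"),
    _FMT.format(n=3, sid=1000002, msg="EXAMPLE probe", src="203.0.113.5", dst="192.0.2.10"),
    _FMT.format(n=4, sid=1000003, msg="EXAMPLE scan", src="203.0.113.9", dst="192.0.2.20"),
    "not an alert line",
]

def group_alerts(lines):
    """Collapse alerts into groups keyed by (sid, destination host)."""
    groups = OrderedDict()
    for line in lines:
        m = ALERT_RE.match(line.strip())
        if not m:
            continue  # ignore anything that is not a fast-format alert
        dst_host = m["dst"].rsplit(":", 1)[0]  # drop the port (IPv4 assumed)
        key = (m["sid"], dst_host)
        g = groups.setdefault(key, {"msg": m["msg"], "count": 0, "sources": set()})
        g["count"] += 1
        g["sources"].add(m["src"].rsplit(":", 1)[0])
    return groups

def file_tickets(groups, create_ticket, max_tickets=2):
    """Open one ticket per group up to max_tickets; hold the rest for review."""
    filed, held = 0, []
    for key, group in groups.items():
        if filed < max_tickets:
            create_ticket(key, group)  # hypothetical hook into the ticket system
            filed += 1
        else:
            held.append(key)  # the "air-gap": an analyst decides on these
    return filed, held
```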




