[Snort-users] Re: Snort-users digest, Vol 1 #4234 - 12 msgs

Jason security at ...5028...
Fri May 14 13:37:04 EDT 2004


When you say your ISP I assume you mean a cable provider or similar and 
that you are connected with a machine that you control and have root 
access to. This would have to be the case for you to run snort on a 
linux variant so I will continue on that assumption.

The ISP can not prevent you from installing a database and webserver for 
use locally on your system to make analysis easier, they may prevent you 
from accessing it from the internet at large but I suspect that this is 
an AUP issue and not that they are blocking things. if they were 
actually blocking things I would expect your snort logs to be fairly 
quiet and analysis at the shell should be trivial.

I have not used snortalog so I cannot comment on it's usefulness however 
you might want to look at ACID and the installation manuals linked off 
of snort.org in the docs section

http://www.snort.org/docs/


attechni wrote:

> Thanks for the links Jason . I was trying to check out the 
> http://www.sourcefire.com/services/training.html
> link but could not find the prices for the training. Does any one know  where 
> on the site I could find the prices for training?
> Also I found this link for snortalog at 
> http://jeremy.chartier.free.fr/snortalog/config.html#dependencies
> It looks like I do'nt have to run a SQL server or any other type of server to 
> run this. Has any one else ran this program? And if so is it as great as it 
> looks for snort log analysis? Because I have been manually looking
> through the logs because my ISP does'nt allow me to run a server. Could I get 
> help through this list installing this(snortalog)? I am running a Linux 
> Mandrake 9.1 system.
>  Thanks attechni
> 
> 
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by: SourceForge.net Broadband
> Sign-up now for SourceForge Broadband and get the fastest
> 6.0/768 connection for only $19.95/mo for the first 3 months!
> http://ads.osdn.com/?ad_id=2562&alloc_id=6184&op=click
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 





More information about the Snort-users mailing list