[Snort-users] Managing multiple sensors ?

Alex Butcher, ISC/ISYS Alex.Butcher at ...11254...
Thu Sep 29 02:12:31 EDT 2005


--On 28 September 2005 21:22 +0200 Alexandre Ahmim-Richard 
<passe at ...13538...> wrote:

> There was different talks about that subject before, but what solution
> would you choose in order to manage multiple sensors (between 15 and 30) ?
>
> Snortcenter ? Oinkmaster ? others ?

Oinkmaster, plus some shell scripts to implement sensor groups (by using 
different oinkmaster config files for each group).

I started off with Snortcenter, but I eventually became convinced that it 
was a bit too much of a toy to be useful with an 'Enterprise NIDS'. Also, 
it needs work every time Snort adds new keywords to its signature 
definition language.

Best Regards,
Alex.
-- 
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9






More information about the Snort-users mailing list