[Snort-users] Managing multiple sensors ?
Alex Butcher, ISC/ISYS
Alex.Butcher at ...11254...
Thu Sep 29 02:12:31 EDT 2005
--On 28 September 2005 21:22 +0200 Alexandre Ahmim-Richard
<passe at ...13538...> wrote:
> There was different talks about that subject before, but what solution
> would you choose in order to manage multiple sensors (between 15 and 30) ?
> Snortcenter ? Oinkmaster ? others ?
Oinkmaster, plus some shell scripts to implement sensor groups (by using
different oinkmaster config files for each group).
I started off with Snortcenter, but I eventually became convinced that it
was a bit too much of a toy to be useful with an 'Enterprise NIDS'. Also,
it needs work every time Snort adds new keywords to its signature
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9
More information about the Snort-users