[Snort-users] alternative to BASE

CunningPike cunningpike at ...11827...
Thu Apr 24 03:00:34 EDT 2008


Hi there,

My recommendation would be to run sguil and, for web-based summary 
reports like BASE provides, use squert - it's lots faster, and re-uses 
the sguildb that you already have.

CP

Lamanary Ramos de Pina wrote:
> Hi all,
> 
> I have a centos+snort+base IPS setup and it is quite difficult for me to "see" 
> the results of the drops on the BASE console. I understand that a sdrop 
> doesn't produce any alert but that's not what I want.
> 
> Is there anything like BASE (free or not) that runs over snort that 
> gives me a different feedback on the alerts, logs and drops namely?
> 
> I read something about sguil and I would like to know if it is possible to 
> run it together with BASE. If yes, can you point me to a good tutorial?
> 
> Yes, I admit that I haven't googled enough on this yet, I'm just asking 
> for a shortcut here.
> 
> Thanks, Lamanary
> 
> PS: I'm sorry for the other mail, I accidentally sent it as a reply on the 
> thread that I was reading.
> 
> -- 
> http://lamanary.wordpress.com