[Snort-users] Snort For logging and auditing

Ryan Hudson zrhudson at ...125...
Tue Mar 20 21:21:17 EDT 2012


Hey all,
I have a mainframe which houses an application 
accessed over telnet, the app is accessed by most of my staff and 
auditing access is extremely poor.  Instead 
of paying a bucket load of cash to modify the system  I am wondering if I
 can use snort to log all of the ascii content to and from the 
mainframe so we can audit access at a later date if required.  Somewhat of a poor mans auditing solution I am hoping to 
figure out a solution which will log the ascii from the tn3270 traffic 
to a DB.   Have done a bit of searching but have had no luck so far.

Your thoughts? 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20120321/fd8ef659/attachment.html>


More information about the Snort-users mailing list