[Snort-users] Snort For logging and auditing
zrhudson at ...125...
Tue Mar 20 21:21:17 EDT 2012
I have a mainframe which houses an application
accessed over telnet, the app is accessed by most of my staff and
auditing access is extremely poor. Instead
of paying a bucket load of cash to modify the system I am wondering if I
can use snort to log all of the ascii content to and from the
mainframe so we can audit access at a later date if required. Somewhat of a poor mans auditing solution I am hoping to
figure out a solution which will log the ascii from the tn3270 traffic
to a DB. Have done a bit of searching but have had no luck so far.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users