[Snort-users] BASE

Ron Sinclair unixfool at gmail.com
Sun Sep 10 14:29:15 EDT 2017


You'd have to tune Snort itself (rules and/or processors), not BASE.  BASE
will allow you to see/manipulate the alerts, but that's about it.

Ron Sinclair
unixfool at gmail.com


On Sat, Sep 9, 2017 at 6:49 PM, Dan O'Brien via Snort-users <
snort-users at lists.snort.org> wrote:

> All,
>
> If I am posting off-topic, please let me know. I have installed snort,
> barnyard2, oinkmaster, and BASE.  Everything seems to be working very
> well.  I followed one of the how-toos on the snort site. I am slowly
> learning and have tried several IDS without success. The config I have now
> seems to be stable and I am very happy with it. I just need to start
> configuring BASE and I can not find any help on the web. I need to start
> learning how to tell BAE what is significant and what is not and to alert
> me on important stuff. I would also like to try and get some of the graph
> stuff working as it doesn't seem to work.
>
> This is the guide I followed.
>
> https://s3.amazonaws.com/snort-org-site/production/
> document_files/files/000/000/122/original/Snort_2.9.9.x_on_
> Ubuntu_14-16.pdf?AWSAccessKeyId=AKIAIXACIED2SPMSC7GA&Expires=
> 1505000935&Signature=Z7Tc484O02UTenkqQPax%2BFythyE%3D
>
> Thanks,
>
> Dan
>
> (770) 624-1010
>
> pdobrien3 at gmail.com
>
>
> "Better is a poor man who walks in his integrity than a rich man who is
> crooked in his ways." - Proverbs 28:6
>
>
> Sent from my iPad
>
>
> Thanks,
>
> Dan
>
> (770) 624-1010
>
> pdobrien3 at gmail.com
>
>
> "Better is a poor man who walks in his integrity than a rich man who is
> crooked in his ways." - Proverbs 28:6
>
>
> Sent from my iPad
>
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.snort.org
> Go to this URL to change user options or unsubscribe:
> https://lists.snort.org/mailman/listinfo/snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20170910/f036e52b/attachment.html>


More information about the Snort-users mailing list