[Snort-users] Fwd: BASE

Paul O'Brien pdobrien3 at gmail.com
Mon Sep 11 11:52:56 EDT 2017


Ok, I am sure there are plenty of documents on the Snort site. I will do some research there. Thank you for the response. 

Thanks,
Dan

"Better is a poor man who walks in his integrity than a rich man who is crooked in his ways." - Proverbs 28:6

Sent from my iPhone

Begin forwarded message:

> From: Ron Sinclair via Snort-users <snort-users at lists.snort.org>
> Date: September 10, 2017 at 2:29:15 PM EDT
> Cc: snort-users at lists.snort.org
> Subject: Re: [Snort-users] BASE
> Reply-To: Ron Sinclair <unixfool at gmail.com>
> 
> You'd have to tune Snort itself (rules and/or processors), not BASE.  BASE will allow you to see/manipulate the alerts, but that's about it.
> 
> Ron Sinclair
> unixfool at gmail.com
> 
> 
>> On Sat, Sep 9, 2017 at 6:49 PM, Dan O'Brien via Snort-users <snort-users at lists.snort.org> wrote:
>> All,
>> 
>> If I am posting off-topic, please let me know. I have installed snort, barnyard2, oinkmaster, and BASE.  Everything seems to be working very well.  I followed one of the how-toos on the snort site. I am slowly learning and have tried several IDS without success. The config I have now seems to be stable and I am very happy with it. I just need to start configuring BASE and I can not find any help on the web. I need to start learning how to tell BAE what is significant and what is not and to alert me on important stuff. I would also like to try and get some of the graph stuff working as it doesn't seem to work. 
>> 
>> This is the guide I followed. 
>> 
>> https://s3.amazonaws.com/snort-org-site/production/document_files/files/000/000/122/original/Snort_2.9.9.x_on_Ubuntu_14-16.pdf?AWSAccessKeyId=AKIAIXACIED2SPMSC7GA&Expires=1505000935&Signature=Z7Tc484O02UTenkqQPax%2BFythyE%3D
>> 
>> Thanks,
>> Dan
>> 
>> "Better is a poor man who walks in his integrity than a rich man who is crooked in his ways." - Proverbs 28:6
>> 
>> Sent from my iPad
>> 
>> 
>> Thanks,
>> Dan
>> 
>> "Better is a poor man who walks in his integrity than a rich man who is crooked in his ways." - Proverbs 28:6
>> 
>> Sent from my iPad
>> 
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.snort.org
>> Go to this URL to change user options or unsubscribe:
>> https://lists.snort.org/mailman/listinfo/snort-users
>> 
>> Please visit http://blog.snort.org to stay current on all the latest Snort news!
>> 
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.snort.org
> Go to this URL to change user options or unsubscribe:
> https://lists.snort.org/mailman/listinfo/snort-users
> 
> Please visit http://blog.snort.org to stay current on all the latest Snort news!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20170911/f60fb2ad/attachment.html>


More information about the Snort-users mailing list