Menu
▾
▴
Re: [Snort-inline-users] Looking for Weekly summary of Problems
|
From: <Wil...@kc...> - 2004-01-20 19:25:41
|
You should be able to compile snort_inline with MySQL support if you want to log to a MySQL database and an ACID server. As far as a document for the setup of MySQL and ACID refer to http://www.superhac.com/docs/snort_enterprise.pdf Compile snort with the --with-mysql option. If you are going to be sending this data across an unsecured like I would look at using stunnel to protect the MySQL traffic. http://www.stunnel.org/examples/mysql.html There is probably a better way to do this.... Just an idea..... Regards, Will Bill Warren <bw...@op...> Sent by: sno...@li... 01/20/2004 12:22 PM To: Sno...@li... cc: Subject: [Snort-inline-users] Looking for Weekly summary of Problems All, Now that I have my snort and snort-inline box up and going I would like to get a report of what the worst items are. That way my boss can see that in a week get hit with the SQL worm X number of times or John with IP x.x.x.x is sending out X number of bad whatever. Any body know of a sometime that can do this? Thanks, Bill -- ********************************** Bill Warren Optivel, Inc. E-mail: bw...@op... Voice: 317.275.2305 Fax: 317.275.2301 Web: http://www.optivel.com ********************************** ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Snort-inline-users mailing list Sno...@li... https://lists.sourceforge.net/lists/listinfo/snort-inline-users |
