This is a discussion on [Snort-users] Various Alerts and Logging within the Snort forums, part of the System Security and Security Related category.

Hi All,

I was wondering if someone could give me some insight into the following items:

[**] [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING [**]
04/16-19:58:54.674946 12.218.63.129:1777 -> 172.21.2.86:80

[**] [119:3:1] (http_inspect) U ENCODING [**]
04/16-19:31:11.433642 67.121.88.83:4150 -> 172.21.2.82:80

Is it possible to enable the use of SYSLOG and at the same time, log information to the /var/log/snort/alert file as well?

Bill