RE: [Snort-users] Snort 2.3
This is a discussion on RE: [Snort-users] Snort 2.3 within the Snort forums, part of the System Security and Security Related category; I just have a problem running a system that no one is doing patches for. A= lot of new distros ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-03-2005
|
|||
|
|||
RE: [Snort-users] Snort 2.3
I just have a problem running a system that no one is doing patches for. A=
lot of new distros can be trimmed down just as well as 7.X could be. You c= an patch manually but I personally do not have that kind of time. -----Original Message----- From: SN ORT [mailto:snort_on_acid@yahoo.com]=20 Sent: Thursday, February 03, 2005 11:07 AM To: snort-users@lists.sourceforge.net Cc: Harper, Patrick Subject: RE: [Snort-users] Snort 2.3 There is absolutely nothing wrong with running Snort on Redhat 7.x, Many ha= ve been doing it for years. What would be the point to have to constantly u= pdate it if only you can get to it and it only runs Snort? I also run it on= FreeBSD, and why would I want to keep that updated? SO what if it's no lon= ger available or not supported? The OS is running, solidly, bugfree, tried= tested and proven! What more is there? And a lot of people have smaller ma= chines to run this stuff on. I'm a little discouraged at the newer fat dist= ros anymore and the giant resources required to even load them up. The bottom line is, on an IDS/IPS system, a low-profile OS is the best matc= h. Newer distros are a waste of resources. Cheese! Marc > --__--__-- >=20 > Message: 1 > From: "Harper, Patrick" <Patrick.Harper@phns.com> > To: "Narayan Sivaramakrishnan" > <nsivaram@mix.wvu.edu>, > <snort-users@lists.sourceforge.net> > Date: Thu, 3 Feb 2005 00:15:20 -0600 > Subject: RE: [Snort-users] Snort 2.3 >=20 > I would assume it would work, but why are you running on such an=20 > antiquated distro. You can not even get patched from the=20 > http://fedoralegacy.org/ project. I am a redhat fan, but I would=20 > never use a distro that had been EOL'd by the vendor for a new=20 > project. If you want free check out http://fedora.redhat.com or any=20 > of the other distros http://distrowatch.com/ >=20 > -----Original Message----- > From: Narayan Sivaramakrishnan > [mailto:nsivaram@mix.wvu.edu]=3D20 > Sent: Wednesday, February 02, 2005 1:36 PM > To: snort-users@lists.sourceforge.net > Subject: [Snort-users] Snort 2.3 >=20 > All, > Is Snort 2.3 good to go with Redhat Linux 7.2 . > Please advice.Is there > an installation manual which could detail the installation of Snort=20 > 2.3 on Linux 7.2.? > Cheers, > Narayan >=20 >=20 >=20 > ------------------------------------------------------- > This SF.Net email is sponsored by: IntelliVIEW -- Interactive=20 > Reporting Tool for open source databases. Create drag-&-drop reports.=20 > Save time by over 75%! Publish reports on the web. Export to DOC, XLS, > RTF, etc. > Download a FREE copy at > http://www.intelliview.com/go/osdn_nl > _______________________________________________ > Snort-users mailing list > Snort-users@lists.sourceforge.net > Go to this URL to change user options or > unsubscribe: > https://lists.sourceforge.net/lists/...fo/snort-users > Snort-users list archive: > http://www.geocrawler.com/redir-sf.p...D3Dsnort-users >=20 >=20 >=20 >=20 >=20 >=20 > Disclaimer: > This electronic message, including any attachments, is confidential=20 > and int=3D ended solely for use of the intended recipient(s). > This message may contain=3D > information that is privileged or otherwise protected from disclosure > by a=3D pplicable law. Any unauthorized disclosure, dissemination, use > or reproduct=3D ion is strictly prohibited. If you have received this=20 > message in error, ple=3D ase delete it and notify the sender=20 > immediately.=3D20 >=20 >=20 >=20 >=20 >=20 > --__--__-- >=20 > Message: 2 > From: Brian Stamper <BStamper@spencerhospital.org> > To: snort-users@lists.sourceforge.net > Date: Thu, 3 Feb 2005 08:19:05 -0600 > Subject: [Snort-users] Alerts >=20 > I've had snort running now for a while and would like to figure out=20 > how to have it alert by email on certain things. I've attempted to=20 > make Swatch work but so far haven't had any luck with that. > What is everyone using to > make this happen? Guess I just wanted some ideas. > Thanks, > Brian >=20 >=20 > --__--__-- >=20 > Message: 3 > Date: Thu, 3 Feb 2005 16:14:45 +0100 (CET) > From: Fabio Spadoni <fabiosge@yahoo.it> > To: snort-users@lists.sourceforge.net > Subject: [Snort-users] ACID doesn't show nothing >=20 > --0-489904743-1107443685=3D:50488 > Content-Type: text/plain; charset=3Diso-8859-1 > Content-Transfer-Encoding: 8bit >=20 > I have installed on fedora 3 box snort 2.3.0, mysql > and acid. > =20 > Using snort -c /... everythink appears to func very > well, but while I can see some results in > /var/log/snort/alert nothing on the contrary appear > in acid web page, everythink has zero value, sensor, > alert, etc etc > =20 > Any ideas? > =20 > Thanks,=20 > =20 > ciao > =20 > Fabio > =20 >=20 > =09 > --------------------------------- > Nuovo Yahoo! Messenger E' molto pi=F9 divertente: > Audibles, Avatar, Webcam, Giochi, Rubrica... Scaricalo > ora!=20 > --0-489904743-1107443685=3D:50488 > Content-Type: text/html; charset=3Diso-8859-1 > Content-Transfer-Encoding: 8bit >=20 > <DIV>I have installed on fedora 3 box snort 2.3.0, > mysql and acid.</DIV> > <DIV> </DIV> > <DIV>Using snort -c /... everythink > appears to func very well, but while I can > see some results in /var/log/snort/alert nothing on > the contrary appear in acid web page, everythink has > zero value, sensor, alert, etc etc</DIV> > <DIV> </DIV> > <DIV>Any ideas?</DIV> > <DIV> </DIV> > <DIV>Thanks, </DIV> > <DIV> </DIV> > <DIV>ciao</DIV> > <DIV> </DIV> > <DIV>Fabio</DIV> > <DIV> </DIV><p> > =09 >=20 > =09 > <hr size=3D1><font face=3D"Arial" size=3D"2"><a > href=3D"http://it.rd.yahoo.com/mail/taglines/*http://it.messenger.yahoo.com= "><b>Nuovo > Yahoo! Messenger</b></a> E' molto pi=F9 divertente: > Audibles, Avatar, Webcam, Giochi, Rubrica... Scaricalo > ora!=20 > </font> > --0-489904743-1107443685=3D:50488-- >=20 >=20 >=20 =3D=3D=3D message truncated =3D=3D=3D =09 =09 __________________________________=20 Do you Yahoo!?=20 Yahoo! Mail - You care about security. So do we.=20 http://promotions.yahoo.com/new_mail Disclaimer: This electronic message, including any attachments, is confidential and int= ended solely for use of the intended recipient(s). This message may contain= information that is privileged or otherwise protected from disclosure by a= pplicable law. Any unauthorized disclosure, dissemination, use or reproduct= ion is strictly prohibited. If you have received this message in error, ple= ase delete it and notify the sender immediately.=20 ------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
