[Snort-users] Using snort to monitor traffic
This is a discussion on [Snort-users] Using snort to monitor traffic within the Snort forums, part of the System Security and Security Related category; i have snort inline (freebsd, ipfw, postgres logging) set up on my router to watch HTTP traffic. i would like ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-30-2007
|
|||
|
|||
[Snort-users] Using snort to monitor traffic
i have snort inline (freebsd, ipfw, postgres logging) set up on my router
to watch HTTP traffic. i would like to log in such a way that i can determine the last time any IP sent HTTP. i don't want to log any content, i just need the timestamps. i would prefer not to have to inspect the content or to log every HTTP packet. does snort seem like the proper tool for this job? i was going to use squid, but that seemed like overkill as just a transparent, non-caching proxy that logs to a flat file. thanks, frank ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 05:57 PM.
