Re: [Snort-users] alternative to BASE
This is a discussion on Re: [Snort-users] alternative to BASE within the Snort forums, part of the System Security and Security Related category; Hi there, My recommendation would be to run sguil and, for web-based summary reports like BASE provides, use squert - ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-24-2008
|
|||
|
|||
Re: [Snort-users] alternative to BASE
Hi there,
My recommendation would be to run sguil and, for web-based summary reports like BASE provides, use squert - it's lots faster, and re-uses the sguildb that you already have. CP Lamanary Ramos de Pina wrote: > Hi all, > > I have a centos+snort+base ips set and is quite difficult to me to "see" > the results of the drops on BASE console. I understand that a sdrop > doesn't produce any alert but that's not what I want. > > Is there anything like BASE (free or not) that runs over snort that > gives me a different feedback on the alerts, logs and drops namely? > > I read something about sguil and i would like to know if is possible to > run it together with base? if yes, can you point me a good tutorial? > > Yes, I admit that I haven't googled enough on this yet, I'm just asking > for a shortcut here. > > Thanks, Lamanary > > ps: I'm sorry for the other mail, I accidentally send it as reply on the > thread that I was reading. > > -- > http://lamanary.wordpress.com > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------- > This SF.net email is sponsored by the 2008 JavaOne(SM) Conference > Don't miss this year's exciting event. There's still time to save $100. > Use priority code J8TL2D2. > http://ad.doubleclick.net/clk;198757...un.com/javaone > > > ------------------------------------------------------------------------ > > _______________________________________________ > Snort-users mailing list > Snort-users@lists.sourceforge.net > Go to this URL to change user options or unsubscribe: > https://lists.sourceforge.net/lists/...fo/snort-users > Snort-users list archive: > http://www.geocrawler.com/redir-sf.p...st=snort-users ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757...un.com/javaone _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 11:20 AM.
