-----Message d'origine-----
De : Bénoni MARTIN
Envoyé : mercredi 9 mars 2005 14:37
À : David Jiménez Domínguez; snort-users@lists.sourceforge.net;
honeypots@securityfocus.com; focus-ids@securityfocus.com
Objet : RE: Snort and Mysql for statistics purposes
I can recommend you the famous Ntop for "Top ports, Top src_ip", and SnortSnarf
for "Top attacks".
But you can create your own tool with Perl ... Good luck ;)
-----Message d'origine-----
De : David Jiménez Domínguez [mailto:djdsecurity@gmail.com] Envoyé : mercredi 9
mars 2005 01:05 À : snort-users@lists.sourceforge.net;
honeypots@securityfocus.com; focus-ids@securityfocus.com Objet : Snort and
Mysql for statistics purposes
Hi folks!
I need to graph all the traffic in my network (Top ports, Top src_ip, Top
attacks) each 5 minutes...In the DataServer I have intalled Mysql and in the
firewall I have installed snort-2.3.0 and I created just 4 rules to get all the
tcp,udp,icmp and ip traffic in order to graph it with perl and rrdtool and post
it in a web page....
Do you think it is the best way to do that???
Have your ever done something like that?? What tools do you recommend me??
Regards
DJ
--------------------------------------------------
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id�396&opÌk
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list
