Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Undeliverable:Re: [Snort-users] barnyard (fwd)

from [Paul Schmehl] Network Security [Permanent Link]
Subject: Undeliverable:Re: [Snort-users] barnyard (fwd)
Date: Fri, 27 Jan 2006 23:09:38 -0600
This address has been bouncing for well over a year. Do the administrators of this list think it might be possible to purge the address from the list?

------------ Forwarded Message ------------
Date: January 27, 2006 10:49:02 PM -0600
From: System Administrator <postmaster@utdevs08.utdallas.edu>
To: "Schmehl, Paul L" <pauls@utdallas.edu>
Subject: Undeliverable:Re: [Snort-users] barnyard

Your message

 To:      Brian Krusic; snort-users@lists.sourceforge.net
 Subject: Re: [Snort-users] barnyard
 Sent:    Fri, 27 Jan 2006 22:21:16 -0600

did not reach the following recipient(s):

anjah@imedia.fr on Fri, 27 Jan 2006 22:26:51 -0600
   The e-mail account does not exist at the organization this message
was sent to.  Check the e-mail address, or contact the recipient
directly to find out the correct address.
   <imedia-hvj182q6.imedia.net #5.1.1>

---------- End Forwarded Message ----------



Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/
--- Begin Message ---
Subject: Undeliverable:Re: [Snort-users] barnyard
Date: Fri, 27 Jan 2006 22:49:02 -0600 
Your message

  To:      Brian Krusic; snort-users@lists.sourceforge.net
  Subject: Re: [Snort-users] barnyard
  Sent:    Fri, 27 Jan 2006 22:21:16 -0600

did not reach the following recipient(s):

anjah@imedia.fr on Fri, 27 Jan 2006 22:26:51 -0600
    The e-mail account does not exist at the organization this message
was sent to.  Check the e-mail address, or contact the recipient
directly to find out the correct address.
    <imedia-hvj182q6.imedia.net #5.1.1>

Reporting-MTA: dns; UTDEVS08.campus.ad.utdallas.edu

Final-Recipient: RFC822; anjah@imedia.fr
Action: failed
Status: 5.1.1
X-Supplementary-Info: <imedia-hvj182q6.imedia.net #5.1.1>
X-Display-Name: anjah@imedia.fr
--- Begin Message ---
Subject: Re: [Snort-users] barnyard
Date: Fri, 27 Jan 2006 22:21:16 -0600 
--On January 27, 2006 4:47:14 PM -0800 Brian Krusic <brian@krusic.com> 
wrote:


My command line;

barnard -c /usr/local/barnyard/etc/barnyard.conf -d /var/log/snort -g
/usr/local/snort/etc/gen-msg.map -s /usr/local/snort/etc/sid-msg.map -f
snort.alert


You can run barnyard with this:
barnyard -c /path/to/conffile -d /path/to/logdir -f logfilename

If you do this in the barnyard.conf file
config sid-msg-map: /path/to/sid-msg.map
config gen-msg=map: /path/to/gen-msg.map
config class-file: /path/to/classification.config

This is not in the docs, but it is in the source code.  (I'm the FreeBSD 
port maintainer for barnyard.)

Barnyard can output directly to a text file, to a pcap file, to a database 
(mysql or postgresql) or to sguil.

Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

--- End Message ---

--- End Message ---
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Undeliverable:Re: [Snort-users] barnyard (fwd), Paul Schmehl <=
Previous by Date:  Re: [Snort-users] barnyard, Paul Schmehl
Next by Date:  [Snort-users] BASE and PHP5, Clemente Aguiar
Previous by Thread:  [Snort-users] barnyard, Brian Krusic
Next by Thread:  [Snort-users] BASE and PHP5, Clemente Aguiar
Indexes:  [Date] [Thread] [Top] [All Lists]