
| Subject: | Re: [Snort-users] [Semi-OT] What other applications contribute to Snort being a complete package? |
|---|---|
| Date: | Wed, 22 Aug 2007 08:47:22 -0600 |

On 8/22/07 8:35 AM, "Justin Heath" <justin.heath@gmail.com> wrote:

Snort is a complete package. However, there are some libraries that are required to make snort useful such as pcap and pcre. Depending on how you use Snort and what your objectives are, there are many add-ons that add value depending on what you are trying to do. Snort is just an IDS / IPS at the end of the day. If you want an analyst console or remediation etc. this is when you need to start looking at add-ons.

Here are some popular additions:

- flop (unified)
- barnyard (unified)
- syslog (log shipping / sim integration)
- swatch (log watching)
- base (analysis)
- sguil (analysis)
- oinkmaster (rules)

This is not a comprehensive list (just off the top of my head), but this should give you some areas to research. I'm sure others will be happy to chime in as to what add-ons they like to use.

Cheers,
Justin

On 8/22/07, James Lay <jlay@slave-tothe-box.net> wrote:
Just what I needed...thank you :) James
Hey all!

As my post about diagnosing the mysql server has gone away messages enlightened me on that I need barnyard, now I'm curious...what other packages make Snort a complete package? I have snort, mysql, apache, php and recently added oinkmaster, but what else? Barnyard...and? Just curious.

James

-------------------------------------------------------------------------

This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/

_______________________________________________

Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users