[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] IDS and established TCP/UDP sessions
- Subject: Re: [cobalt-security] IDS and established TCP/UDP sessions
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Sat, 1 Dec 2001 17:33:03 +0100
- Organization: Stauber Multimedia Design
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Mike,
> Although I haven't installed it yet, Snort is where I'm most likely
> headed, but want to hear from you guys.
Snort is really worth it. But you also should get Demarc
(http://www.demarc.org). It is a web frontend to Snort and uses MySQL to
store Snorts reports. You'll then get nifty reports and statistical
breakdowns of what's going on.
Of course you need to build Snort with MySQL support to make it interface
with Demarc. The Demarc docs tell you how to do that. AFAIK the RPMs for
Snort do not come with MySQL support, but it's easy to compile.
--
With best regards,
Michael Stauber
SOLARSPEED.NET