[Intrusions] IDS & snort !!

Gasper, Rick rjgasper at kings.edu
Mon Jun 7 18:54:25 GMT 2004 

I haven't played with this in a while, but IIRC you can do a regular
snort update. Make sure you point it at the snort folder which is not
the c:\snort.

Again, I recommend it to people who want to learn about snort and don't
want to be bogged down with all the other installs.

Rick Gasper
Manager Network Services
King's College
Wilkes-Barre PA 18711
rjgasper at kings.edu
PH:  570-208-5845
Fax: 570-208-6072


-----Original Message-----
From: intrusions-bounces at lists.sans.org
[mailto:intrusions-bounces at lists.sans.org] On Behalf Of Coen Bakkers
Sent: Monday, June 07, 2004 2:24 PM
To: Intrusions "List (GCIA Practicals)
Subject: RE: [Intrusions] IDS & snort !!

EaglesX is a nice product but does not support snort 2.1.3, does it?


On Mon, 2004-06-07 at 19:38, Gasper, Rick wrote:
> Try this for first time setup (windows only) I use it for a security
> class I teach.
> 
> http://www.engagesecurity.com/products/eaglex/
> 
> Rick Gasper
> Manager Network Services
> King's College
> Wilkes-Barre PA 18711
> rjgasper at kings.edu
> PH:  570-208-5845
> Fax: 570-208-6072
> 
> -----Original Message-----
> From: intrusions-bounces at lists.sans.org
> [mailto:intrusions-bounces at lists.sans.org] On Behalf Of Kenneth
Williams
> Sent: Monday, June 07, 2004 11:32 AM
> To: Intrusions List (GCIA Practicals)
> Subject: Re: [Intrusions] IDS & snort !!
> 
> Try ACID. It ships with the SNORT distro and simply requires an
> appropriate
> DB such as mysql.In the *nix distro it is located in the source
package
> under the contrib directory.
> Ken
> ----- Original Message ----- 
> From: "Mohammad M. Al-Kurbi" <malkorbi at isu.net.sa>
> To: <intrusions at incidents.org>
> Sent: Monday, June 07, 2004 3:04 AM
> Subject: [Intrusions] IDS & snort !!
> 
> 
> > Dear all ...
> >
> >   I am seeking your experience on the best tools that works with
> snort,
> > and would build a full IDS.
> >
> >   Snort would do: Sniffing + Detection + Alerting.
> >
> >   I would like to know the proper tools (From your experience) that
> helps
> > to complete the cycle:
> >
> > - Monitoring Console (GUI).
> > - Forensic Tools (If available).
> > - Reporting facilties.
> >
> >
> > Best Regards ...
> >
> > _______________________________________________
> > Intrusions mailing list
> > Intrusions at lists.sans.org
> > http://www.dshield.org/mailman/listinfo/intrusions
> 
> _______________________________________________
> Intrusions mailing list
> Intrusions at lists.sans.org
> http://www.dshield.org/mailman/listinfo/intrusions
> 
> _______________________________________________
> Intrusions mailing list
> Intrusions at lists.sans.org
> http://www.dshield.org/mailman/listinfo/intrusions
> 

_______________________________________________
Intrusions mailing list
Intrusions at lists.sans.org
http://www.dshield.org/mailman/listinfo/intrusions

More information about the Intrusions mailing list