Snort mailing list archives

RE: Snort 2.3

From: "Ron Jenkins" <rjenkins () dibr net>
Date: Thu, 3 Feb 2005 11:22:26 -0600

So long as the kernel is updated, then that should fine.   I would be not recommended staying on an older kernel 
version for many reasons.

The bottom line is it stay as current as possible, so not it be left behind.

Thanks...

-----Original Message-----
From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of SN ORT
Sent: Thursday, February 03, 2005 11:07 AM
To: snort-users () lists sourceforge net
Cc: Patrick.Harper () phns com
Subject: RE: [Snort-users] Snort 2.3

There is absolutely nothing wrong with running Snort
on Redhat 7.x, Many have been doing it for years. What
would be the point to have to constantly update it if
only you can get to it and it only runs Snort? I also
run it on FreeBSD, and why would I want to keep that
updated? SO what if it's no longer available or not
supported?  The OS is running, solidly, bugfree, tried
tested and proven! What more is there? And a lot of
people have smaller machines to run this stuff on. I'm
a little discouraged at the newer fat distros anymore
and the giant resources required to even load them up.


The bottom line is, on an IDS/IPS system, a
low-profile OS is the best match. Newer distros are a
waste of resources.

Cheese!
Marc

--__--__--

Message: 1
From: "Harper, Patrick" <Patrick.Harper () phns com>
To: "Narayan Sivaramakrishnan"
<nsivaram () mix wvu edu>,
      <snort-users () lists sourceforge net>
Date: Thu, 3 Feb 2005 00:15:20 -0600
Subject: RE: [Snort-users] Snort 2.3

I would assume it would work, but why are you
running on such an
antiquated distro.  You can not even get patched
from the
http://fedoralegacy.org/ project.  I am a redhat
fan, but I would never
use a distro that had been EOL'd by the vendor for a
new project.  If
you want free check out http://fedora.redhat.com or
any of the other
distros http://distrowatch.com/

-----Original Message-----
From: Narayan Sivaramakrishnan
[mailto:nsivaram () mix wvu edu]=20
Sent: Wednesday, February 02, 2005 1:36 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Snort 2.3

All,
Is Snort 2.3 good to go with Redhat Linux 7.2  .
Please advice.Is there
an installation manual which could detail the
installation of Snort 2.3
on Linux 7.2.?
Cheers,
Narayan

-------------------------------------------------------

This SF.Net email is sponsored by: IntelliVIEW --
Interactive Reporting
Tool for open source databases. Create drag-&-drop
reports. Save time by
over 75%! Publish reports on the web. Export to DOC,
XLS, RTF, etc.
Download a FREE copy at
http://www.intelliview.com/go/osdn_nl
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or
unsubscribe:

https://lists.sourceforge.net/lists/listinfo/snort-users

Snort-users list archive:

http://www.geocrawler.com/redir-sf.php3?list=3Dsnort-users







Disclaimer:
This electronic message, including any attachments,
is confidential and int=
ended solely for use of the intended recipient(s).
This message may contain=
 information that is privileged or otherwise
protected from disclosure by a=
pplicable law. Any unauthorized disclosure,
dissemination, use or reproduct=
ion is strictly prohibited. If you have received
this message in error, ple=
ase delete it and notify the sender immediately.=20





--__--__--

Message: 2
From: Brian Stamper <BStamper () spencerhospital org>
To: snort-users () lists sourceforge net
Date: Thu, 3 Feb 2005 08:19:05 -0600 
Subject: [Snort-users] Alerts

I've had snort running now for a while and would
like to figure out how to
have it alert by email on certain things.  I've
attempted to make Swatch
work but so far haven't had any luck with that. 
What is everyone using to
make this happen?  Guess I just wanted some ideas.
Thanks,
Brian


--__--__--

Message: 3
Date: Thu, 3 Feb 2005 16:14:45 +0100 (CET)
From: Fabio Spadoni <fabiosge () yahoo it>
To: snort-users () lists sourceforge net
Subject: [Snort-users] ACID doesn't show nothing

--0-489904743-1107443685=:50488
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

I have installed on fedora 3 box snort 2.3.0, mysql
and acid.
 
Using snort -c /... everythink appears to func very
well, but while I can see some results in
/var/log/snort/alert nothing on the contrary appear
in acid web page, everythink has zero value, sensor,
alert, etc etc
 
Any ideas?
 
Thanks, 
 
ciao
 
Fabio
 

                              
---------------------------------
Nuovo Yahoo! Messenger E' molto più divertente:
Audibles, Avatar, Webcam, Giochi, Rubrica... Scaricalo
ora! 
--0-489904743-1107443685=:50488
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

<DIV>I have installed on fedora 3 box snort 2.3.0,
mysql and acid.</DIV>
<DIV>&nbsp;</DIV>
<DIV>Using snort -c /...&nbsp;everythink
appears&nbsp;to&nbsp;func very well, but while I can
see some results in /var/log/snort/alert nothing on
the contrary appear in acid web page, everythink has
zero value, sensor, alert, etc etc</DIV>
<DIV>&nbsp;</DIV>
<DIV>Any ideas?</DIV>
<DIV>&nbsp;</DIV>
<DIV>Thanks, </DIV>
<DIV>&nbsp;</DIV>
<DIV>ciao</DIV>
<DIV>&nbsp;</DIV>
<DIV>Fabio</DIV>
<DIV>&nbsp;</DIV><p>
      

      
              <hr size=1><font face="Arial" size="2"><a

href="http://it.rd.yahoo.com/mail/taglines/*http://it.messenger.yahoo.com";><b>Nuovo

Yahoo! Messenger</b></a> E' molto più divertente:
Audibles, Avatar, Webcam, Giochi, Rubrica... Scaricalo
ora! 
</font>
--0-489904743-1107443685=:50488--

=== message truncated ===



        
                
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - You care about security. So do we. 
http://promotions.yahoo.com/new_mail


-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Snort 2.3 Narayan Sivaramakrishnan (Feb 02)
- <Possible follow-ups>
- RE: Snort 2.3 Harper, Patrick (Feb 02)
- RE: Snort 2.3 SN ORT (Feb 03)
- RE: Snort 2.3 Ron Jenkins (Feb 03)
- RE: Snort 2.3 Harper, Patrick (Feb 03)
  - RE: Snort 2.3 SN ORT (Feb 03)
    - Re: Snort 2.3 James Riden (Feb 03)
- RE: Snort 2.3 Ron Jenkins (Feb 03)
- RE: Snort 2.3 Ron Jenkins (Feb 03)
- Re: Snort 2.3 SN ORT (Feb 04)