11-18-2003
Seems like a regular Aladdin's cave of info, obviously a lot to do to get it right. Appreciate the direction.
Best regards
SAGAN(8) System Manager's Manual SAGAN(8)
NAME
sagan - Real-time System & Event Log Monitoring System
SYNOPSIS
sagan [options]
DESCRIPTION
This manual page documents briefly the sagan command.
sagan is a multi-threaded, real time system- and event-log monitoring system, but with a twist. Sagan uses a "Snort" like rule set for
detecting malicious events happening on your network and/or computer systems.
If Sagan detects a potentially bad event, that event can be stored to a Snort database (MySQL/PostgreSQL), sent to a SIEM tool like
Prelude, or sent as an email.
Sagan is meant to be used in a 'centralized' logging environment, but will work fine as part of a standalone Host IDS system for
workstations.
OPTIONS
These programs follow the usual GNU command line syntax, with long options starting with two dashes (`--'). A summary of options is
included below.
-h, --help
Show summary of options.
-d, --debug
Enable debugging
-D, --daemon
Make process a daemon (fork to the background)
-U, --user
Run as user (defaults to 'sagan')
-c, --chroot
Chroot to username 'sagan's home
-f, --config
Sagan configuration file to load
-p, --program
Run Sagan in syslog-ng's 'program' mode
AUTHOR
sagan was written by Champ Clark III <champ@softwink.com>
This manual page was written by Pierre Chifflier <pollux@debian.org>, for the Debian project (and may be used by others).
February 15, 2011 SAGAN(8)