Re: scanning

If you want to see snort's potential you can also read a great 
article written by Mick Bauer in Linux Journal (Issue 102, 
October 2002) named "Stealthful Sniffing, Intrusion Detection 
and Logging".

Which can be found here:

http://www.linuxjournal.com/article.php?sid=6222

Quite an interesting read.
Regards,

P. Abrantes

++++++++++++++++++++++++++++++++++++++++
	Computer Science Student @
	Instituto Superior Tecnico 
  	 (http://www.ist.utl.pt)
 
 "A language that doesn't affect the way 
you think about programming is not worth
knowing." 
++++++++++++++++++++++++++++++++++++++++

On Mon, 30 Dec 2002 11:35:12 -0800
Alberto Gonzalez <albertg@cerebro.violating.us> wrote:

> Ethereal is just a sniffer. I believe paras wanted to be notified of any 
> suspicious activity.
> I suggest running snort in NIDS mode to have snort inspect the packets 
> against its ruleset.
> Snort will log to a DB, ascii file, subdirectories, however you want it.
> 
> You want e-mail notification, I suggest logging to syslog (-s option) 
> and using swatch to watch syslog and e-mail you when it sees 
> something. (This will be A LOT of e-mails).
> Anything else you want to do?
> 
> Cheers,
>     Alberto Gonzalez.
> 
> PS> If you just want to sniff, use tcpdump.
> 
> SchmiTTT wrote:
> 
> >Hello,
> >
> >ethereal
> >or
> >snort
> >
> >besides:
> >does anybody know, where the source-code of 'xconsole' is ???
> >
> >Regards
> >Tino.
> >
> >On Mon, 2002-12-30 at 11.31, paras wrote:
> >  
> >
> >>Hi all,
> >>
> >>What is the best tool to use to monitor my network and my servers for 
> >>intruders and hackers? If someone scans my network I want the action to be 
> >>noticed in my mail or something like that.
> >>I have heard of snort. Besides this, which is a better tool?
> >>
> >>
> >>Thanks
> >>Paras. 
> >>
> >>------------------------------------------------------------------------
> >>     To unsubscribe email security-discuss-request@linuxsecurity.com
> >>         with "unsubscribe" in the subject of the message.
> >>
> >>    
> >>
> >
> >
> >
> >
> >  
> >
> 
> -- 
> The secret to success is to start from scratch and keep on scratching.
> 
> 
> 
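
The syslog-plus-mail setup suggested in the thread sends one e-mail per alert. The sketch below is an added example, not code from any poster or from snort or swatch: it groups snort alert lines read from syslog by source address and signature and builds a single digest mail. The line format in the regex, the sample log lines, the local SIDs and the addresses are all constructed assumptions.

```python
import re
from collections import Counter
from email.message import EmailMessage

# Assumed shape of a snort alert line in syslog (constructed for this example):
#   ... snort[pid]: [gid:sid:rev] msg [Classification: c] [Priority: n]: {PROTO} src[:port] -> dst[:port]
ALERT_RE = re.compile(
    r"snort(?:\[\d+\])?: \[\d+:(?P<sid>\d+):\d+\] (?P<msg>.+?)"
    r"(?: \[Classification: [^\]]+\])?"
    r" \[Priority: (?P<prio>\d+)\]:? \{[^}]+\} "
    r"(?P<src>[0-9.]+)(?::\d+)? -> (?P<dst>[0-9.]+)(?::\d+)?\s*$"
)

# Constructed sample input: three scan alerts, one ping alert, one low-priority
# alert and one unrelated sshd line.
SAMPLE = [
    "Dec 30 11:40:01 ids snort[812]: [1:1000001:1] LOCAL possible port scan [Classification: Attempted Information Leak] [Priority: 2]: {TCP} 192.0.2.10:40112 -> 10.0.0.5:22",
    "Dec 30 11:40:01 ids snort[812]: [1:1000001:1] LOCAL possible port scan [Classification: Attempted Information Leak] [Priority: 2]: {TCP} 192.0.2.10:40113 -> 10.0.0.5:23",
    "Dec 30 11:40:02 ids snort[812]: [1:1000001:1] LOCAL possible port scan [Classification: Attempted Information Leak] [Priority: 2]: {TCP} 192.0.2.10:40114 -> 10.0.0.5:25",
    "Dec 30 11:41:10 ids snort[812]: [1:1000002:1] LOCAL ping sweep [Priority: 1]: {ICMP} 198.51.100.7 -> 10.0.0.9",
    "Dec 30 11:41:30 ids snort[812]: [1:1000003:1] LOCAL chatty protocol [Priority: 3]: {UDP} 10.0.0.8:137 -> 10.0.0.255:137",
    "Dec 30 11:42:00 ids sshd[901]: Accepted publickey for admin from 10.0.0.2",
]

def digest(lines, max_priority=2):
    """Count alerts per (source, sid, msg); priority 1 is the most severe."""
    counts = Counter()
    for line in lines:
        m = ALERT_RE.search(line)
        if not m or int(m["prio"]) > max_priority:
            continue  # not a snort alert, or less severe than we mail about
        counts[(m["src"], m["sid"], m["msg"])] += 1
    return [f"{n}x {src} sid={sid} {msg}"
            for (src, sid, msg), n in counts.most_common()]

def build_mail(rows, to_addr, from_addr="snort@ids.example.org"):
    """Return one digest e-mail for all rows, or None when there is nothing to report."""
    if not rows:
        return None
    mail = EmailMessage()
    mail["To"], mail["From"] = to_addr, from_addr
    mail["Subject"] = f"Snort digest: {len(rows)} source/signature pairs"
    mail.set_content("\n".join(rows))
    return mail

if __name__ == "__main__":
    print(build_mail(digest(SAMPLE), "admin@example.org"))
```

Run from cron over the syslog lines written since the previous run, this yields one mail per interval; handing the message to a local MTA is left out.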



