|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: RE: Can I use RealSecure Server Sensor with snort?
From: Li, John (Li
Security-Card.com)Date: Fri Dec 01 2000 - 09:03:01 CST
- Next message: robert.d.turnerbt.com: "RE: http-attack-signatures on another TCP port"
- Previous message: Mark Webster: "Internet Scanner 6.1 scanning through firewall"
- Maybe in reply to: Li, John: "Can I use RealSecure Server Sensor with snort?"
- Maybe reply: Li, John: "RE: Can I use RealSecure Server Sensor with snort?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
majordomoiss.net Contact issforum-owneriss.net for help with any problems!
----------------------------------------------------------------------------
OK. But what type of log information can be analyzed by OS/Server Sensor, is
there any
standard between them? BTW, I can not find the whitepaper from www.iss.net.
:(
Thanks a lot.
John Li
> -----Original Message-----
> From: Marc Delince [SMTP:marc.delincecomputer.org]
> Sent: Friday, December 01, 2000 9:26 AM
> To: 'mark.teichernetworkice.com'; Li, John
> Subject: RE: Can I use RealSecure Server Sensor with snort?
>
> You can always try to use a RealSecure OS Sensor to analyze the log
> from SNORT and the result will obviously be compatible with
> RealSecure logs...
>
> There is/was a whitepaper on www.iss.net on integrating Cisco Syslogs
> into RealSecure using a RealSecure Host Agent (the previous name for
> the OS Sensor).
>
> Marc
>
> On Thursday, November 30, 2000 1:38 PM, mark.teichernetworkice.com
> [SMTP:mark.teichernetworkice.com] wrote:
> >
> > TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your
> > message to
> > majordomoiss.net Contact issforum-owneriss.net for help with any
> > problems!
> >
> --------------------------------------------------------------------
> > --------
> >
> > If one were to write a parser that would basically format the Sn0rt
> > log
> > into the schema that is used by ISS
> >
> > At 05:05 PM 11/30/00 -0500, Li, John wrote:
> >
> > >TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your
> > >message to
> > >majordomoiss.net Contact issforum-owneriss.net for help with
> any
> > >problems!
> >
> >-------------------------------------------------------------------
> > >---------
> > >
> > >Hi,
> > >
> > >Can I use server sensor to receive the log from snort and then
> send
> > >to
> > >management console? How to do that ? Thank you.
> > >
> > >John Li
> >
- Next message: robert.d.turnerbt.com: "RE: http-attack-signatures on another TCP port"
- Previous message: Mark Webster: "Internet Scanner 6.1 scanning through firewall"
- Maybe in reply to: Li, John: "Can I use RealSecure Server Sensor with snort?"
- Maybe reply: Li, John: "RE: Can I use RealSecure Server Sensor with snort?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]