I'm sending all logs to one only host with syslog-ng. This can give me a lot of information if not filtered, but snort also makes daily reports and then sends them via mail to root or another user that i can define. This extra information is usefull as all the other. After reading all mails of the community, i think that ssmtp is the best choice for what i want to use, because: 1) as i said this host is a gateway and is in direct contact with www 2) no need to more services / open doors 3) last but not the least, there's less probability of a hole. Now, time to read the ssmtp doc's =) Thank you all. Regards, Ricardo Sousa. On Thu, 2003-02-13 at 10:14, Philipp Hetzner wrote: > n Thu, Feb 13, 2003 at 12:15:55AM +0000, Ricardo Sousa wrote: > > > >> How can i send/view snort stats without mailing them ?!? > > An other way is to log your syslog-messages to a remote host (e.g. with > syslog-ng²) and this host could handle the informations (prepare the > data with ACID³ and display it over https, sending mails ...). Syslog-ng > works on any port u want (e.g. 22) and supports encryption. > > Philipp Hetzner > > ²http://www.balabit.hu/en/downloads/syslog-ng/ > ³http://www.andrew.cmu.edu/~rdanyliw/snort/snortacid.html > > > -- > To UNSUBSCRIBE, email to debian-security-request@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org >
Attachment:
signature.asc
Description: This is a digitally signed message part