snort and auto-alert?

To: debian-user@lists.debian.org
Subject: snort and auto-alert?
From: Patrick Hsieh <pahud@pahud.net>
Date: Sun, 14 Jul 2002 10:03:36 +0800
Message-id: <[🔎] 20020714095931.E3CB.PAHUD@pahud.net>

Hello list,

I've installed snort on woody and it runs normally.
Is there anyway to make snort to work with some alert system so that
when a portscan or other attack behaviro occures, it calls the alert
system to page the system admin. or send email to system admin?
I need real time alert. It seems there's only cron analysis solution?


Another question. Can snort define a certain unnormal http access
behavior pattern, say, one single IP access on single URL multiple times
in EVERY second? If not, is there any opensource software can achieve
that?
-- 
Patrick Hsieh <pahud@pahud.net>


-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: snort and auto-alert?
  - From: Jeff <jcoppock1@attbi.com>

Prev by Date: Re: Stupid dselect question
Next by Date: Re: Mozilla: Home page keeps resetting to default.
Previous by thread: Re: file missing in testing ?
Next by thread: Re: snort and auto-alert?
Index(es):
- Date
- Thread