Re: AW: Snort IDS

To: debian-user@lists.debian.org
Subject: Re: AW: Snort IDS
From: Mattia <mattia@elpiro.it>
Date: Wed, 18 Sep 2019 18:53:47 +0200
Message-id: <[🔎] 27329ffb-9fd3-d3b0-87d8-cb1ed067c0eb@elpiro.it>
In-reply-to: <[🔎] 1568800527.akgzu2ezhcgks4sc@webmail.o2online.de>
References: <[🔎] cfa908d6-b3b3-e3bf-a349-4a8efd063ed7@elpiro.it> <[🔎] 1568800527.akgzu2ezhcgks4sc@webmail.o2online.de>

Hello,

thanks for all the answers.

On Wed, 18 Sep 2019 09:55:27 +0000, Hans Ullrich <hans.ullrich@loop.de> wrote:

Hi Mattia,
snort is a great tool, and I am using it since a long time. I do not know, if snort is still maintained by debian,
but there is a successor which is called "suricata". Suricata is in the debian repo, and it shall better work with the ressources

(for example it is splitting into seperate processes). However, for my personal view, snort is easier to configure and its resuklts are better to be seen tahn in suricata.

I will give suricata a try.

Suricata has no nice reporting tool like snort (although there shall be an external tool, forgot the name).

May I ask you which reporting frontend for snort you are using?

Reply to:

Follow-Ups:
- Re: AW: Snort IDS
  - From: Jonas Smedegaard <jonas@jones.dk>

References:
- Snort IDS
  - From: Mattia <mattia@elpiro.it>
- AW: Snort IDS
  - From: hans.ullrich@loop.de

Prev by Date: Re: Bug?
Next by Date: Re: confused, seems to be my normal state
Previous by thread: AW: Snort IDS
Next by thread: Re: AW: Snort IDS
Index(es):
- Date
- Thread