...mmhh... there is a tool for remote log-analysis, "demarc", wich requies snort 1.8. Debian Snort is older... so I'm compiling it. But:
/usr/local/lib/libpcap.a(gencode.o): In function `pcap_compile': gencode.o(.text+0x203): undefined reference to `lex_init' /usr/local/lib/libpcap.a(grammar.o): In function `yyparse': grammar.o(.text+0x94): undefined reference to `yylex' grammar.o(.text+0x9ba): undefined reference to `yylex' collect2: ld returned 1 exit status make: *** [snort] Error 1 but I've got a lot of lex: # dpkg -l | grep lex ii flex 2.5.4a-14 A fast lexical analyzer generator. ii flexml 1-5 Generate fast validating XML processors and ii jflex 1.3.2-1 lexical analyzer generator for Java ii jlex 1.2.3-5 A Lex-style lexical analyser generator for J ii snort 1.7-9 Flexible NIDS (Network Intrusion Detection S ...so why doesn't snort compile? By the way, is it demarc good for you? I don't know what's the best for remote administration and log-analisy. Thanks, Marco
