Historiadores acreditam que, em Seg 01 Set 2003 09:45, Ac�cio disse: > Bom dia, algu�m poderia me dar uma ajudinha no snort? > Como fa�o pra avisar via email de um log de alerta.
N�o faz. Ali�s, n�o faz diretamente, mas com a ajuda de outros aplicativos. Retirado do FAQ do Snort (http://www.snort.org/docs/FAQ.txt) 5.9 How do I get snort to e-mail me alerts? You can't. Such a process would slow Snort down too much to make it of any use. Instead, log to syslog and use swatch or logcheck to parse over the plaintext logfiles. With the logsurfer docs, this might get you on the road to doing something with snort & logsurfer: http://www.obfuscation.org/emf/logsurfer/snort.txt JASON HAAR provided an example Swatch (3.1beta) config that emails alerts: http://www.theadamsfamily.net/~erek/snort/snort-swatch.conf.txt Here are some docs on swatch: * http://www.oit.ucsb.edu/~eta/swatch/ * http://www.stanford.edu/~atkins/swatch * http://rr.sans.org/sysadmin/swatch.php * http://www.enteract.com/~lspitz/swatch.html * http://www.cert.org/security-improvement/implementations/i042.01.html IDS Center (see FAQ 5) on Win32 will also mail alerts. -- Henrique Cesar Ulbrich Editor - Digerati Books [EMAIL PROTECTED] "My eyes! The goggles, they do nothing!" --------------------------------------------------------------------------- Esta lista � patrocinada pela Conectiva S.A. Visite http://www.conectiva.com.br Arquivo: http://bazar2.conectiva.com.br/mailman/listinfo/linux-br Regras de utiliza��o da lista: http://linux-br.conectiva.com.br FAQ: http://www.zago.eti.br/menu.html
