Personal blog of Alex Muratov

Snorby & Snort is up and running

Posted on August 20, 2015 | in IDS, SIEM | by

I finally set up my home IDS: Snort, with Snorby on top.
The goal: to see what is going on in my Internet traffic and whether there is anything interesting.
Also, Snort output will be collected by my home Splunk instance.
The screenshot below shows only test events, nothing serious 🙂

I used this guide: Home IDS with Snort And Snorby
It is pretty detailed, though it has some typos and omissions. Following it step by step does not give you a working environment, since one important thing is not mentioned:
Barnyard and Snorby have to use the same database! I am thinking of producing a better guide; we will see.

snorby
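A quick way to check the "same database" requirement is to compare the target of Barnyard2's `output database:` line with the database Snorby's `config/database.yml` resolves to. The script below is an added example, not part of the original post or the guide; the file contents, database names and credentials are constructed, and it assumes Snorby's stock layout with a shared `snorby` anchor.

```python
import re

# Constructed sample files; names and credentials are placeholders.
BARNYARD2_CONF = """\
config hostname: sensor1
#output database: log, mysql, user=old dbname=old host=localhost
output database: log, mysql, user=snorby password=CHANGEME dbname=snort host=localhost
"""

SNORBY_DATABASE_YML = """\
snorby: &snorby
  adapter: mysql
  username: snorby
  password: "CHANGEME"
  host: localhost

production:
  database: snorby
  <<: *snorby
"""

def barnyard_db(conf):
    """(host, dbname) from the first uncommented 'output database:' line, else None."""
    for line in conf.splitlines():
        if line.strip().startswith("output database:"):
            opts = dict(re.findall(r"(\w+)=(\S+)", line))
            return opts.get("host", "localhost"), opts.get("dbname")
    return None

def snorby_db(yml, env="production"):
    """(host, database) for one environment, merged over the shared 'snorby' anchor."""
    sections, current = {}, None
    for line in yml.splitlines():
        top = re.match(r'(\w+):', line)                        # unindented section name
        item = re.match(r'[ \t]+(\w+):[ \t]*"?([^"#\n]+)', line)  # indented key: value
        if top:
            current = sections.setdefault(top.group(1), {})
        elif item and current is not None:
            current[item.group(1)] = item.group(2).strip()
    merged = {**sections.get("snorby", {}), **sections.get(env, {})}
    return merged.get("host", "localhost"), merged.get("database")

def same_database(conf, yml):
    """True only when Barnyard2 writes to the database Snorby reads."""
    target = barnyard_db(conf)
    return target is not None and target == snorby_db(yml)

if __name__ == "__main__":
    print(barnyard_db(BARNYARD2_CONF), snorby_db(SNORBY_DATABASE_YML),
          same_database(BARNYARD2_CONF, SNORBY_DATABASE_YML))
```

With the sample input, Barnyard2 writes to `snort` while Snorby reads `snorby`, so the check fails, which is the situation where Snort alerts are stored but never appear in the Snorby dashboard. Hosts are compared as strings, so `localhost` and `127.0.0.1` count as different.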
