Results 1 to 2 of 2

Thread: Remote IDS

  1. #1

    Question Remote IDS

    Hi all,
    Well im new to antionline and id like to start here by asking 1 question. At work I want to set up a IDS most likely snort or sumthin like this but I want it to message me when there is anything detected such as a single port probe (netcat) - all the way to a massive GUI forced port scan (sumthin like nessus or iss internet scanner). How can this be set up? does it send an email? all the help you guys can give is much appreciated.

    thanks in advanced

  2. #2
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Flint, MI
    does it send an email?
    You can set it up lots of ways... I have seen it send email, IM through AIM, pager, cell phone, home phone, etc etc. All depends on the program you are using, and your hardware. One of the best setups I have seen would send email on things like a scan, but page/call if it caught an actual intrusion.

    How can this be set up?
    Well, I haven't done it, so someone else will have to help you out there. I believe with snort, you can use a couple of plugins to do it, and you can set different notification levels to do different things.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts