how snort and guardian work together?
hi..i'm a newbie and i need some help. i'm trying to have snort and guardian work together.
i'd install both snort and guardian. it is said that after starting snort then just start the guardian. however, i'm not very clear on how both of them works together. morever, i dun understand the log file of guardian. all it shows is the process id. where can i get more information on how guardian works? :( plz help ... or is there any detail information on guardian which i can refer to? i only found simple and general information guardian. |
i'd install both snort and guardian. it is said that after starting snort then just start the guardian. however, i'm not very clear on how both of them works together.
Guardian reads Snort's logfile, isolates the necessary parts like remote IP address and port and uses that in it's scripts to perform firewall rule management. morever, i dun understand the log file of guardian. all it shows is the process id. where can i get more information on how guardian works? The Guardian log is only for stuff internal to Guardian. You could easily modify the scripts to preclude a rule that would dump information to syslog. or is there any detail information on guardian which i can refer to? i only found simple and general information guardian. If reading the docs and the scripts aren't enough and asking here doesn't result in the nfo you need, try looking for a mailinglist or contact the programmer(s). |
oohh...thanx ..
i'll check out the mailinglist then ... thanx a lot .. |
All times are GMT -5. The time now is 04:43 AM. |