Link to home
Start Free TrialLog in
Avatar of jhammett52
jhammett52

asked on

How do I have Snort(running on an Ubuntu computer) send its output data to another computer on the same network?

Basically, I'm fairly new to IDS and I have a need for Snort's output data(including both the logs and alerts if possible) to be sent to another computer on the same network. To make it easy to receive help, I have a fresh install of Snort on one computer(Ubuntu).

Also, the computer that will be receiving the data is a Windows XP(not sure if this complicates things). I was told syslog will be a must on the station receiving and analyzing the data, but I also have no experience with that.

If someone could at least explain the theory behind doing this or perhaps link me to an article or guide that would be amazing!

Thanks in advance for the assistance!
Avatar of The--Captain
The--Captain
Flag of United States of America image

I'm not sure exactly what you need, but here  ( http://wiki.imagestream.com/wiki/Snort/Install ) are some folks using Windows for at least some of it ;-)

Cheers,
-Jon
ASKER CERTIFIED SOLUTION
Avatar of CodeC6
CodeC6
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of jhammett52
jhammett52

ASKER

Thank you both for answering. I'm going to try your solution, CodeC6, and let you know how it works out.
CodeC6 explained how to do what I needed