Thursday, September 16, 2010

Snort Struggles

Well, I apologize for my lack of posting. I have been thrust into the role of "supreme network commander" (my own working title), but all that really means is that I am the lone network engineer until one or more people get hired. Sooo, needless to say, I have been overly busy and study/blogging time has been severely hampered. Anyway, on to Snort:

Well, Snort is a headache of headaches. Attempting to install Snort on a Mac and get it to send to Aanval is proving to be quite the feat. Mac tutorials for Snort are … well, let's just say none of them use even remotely the same method, and none seem to work. All of them instruct me to modify files that are not on the system anywhere or change lines of code that do not appear in the listed files… frustration ensues. On the bright side, I am working with the server team to get me a Linux server, and the Linux instructions appear, at least right now, to be much, much simpler. Although the fact that we already have a handful of Mac minis to locate throughout the network as Snort sensors means I will eventually have to get Snort running on them… Oh well, a problem I can push off a few days. School starts Monday, so other priorities trump IDS for the week.

To whet your appetite, I am about to implement some Cisco IP SLA monitoring. I can blog about how that goes; should be good times. Especially since HP ProCurve does not have any features that can do this, so I have to add Cisco routers behind my ProCurves to support the needed feature...
