Chapter 6. Building the Server

This chapter is a complete guide to deploying a Snort server. The primary function of the Snort server is to serve as a collection and distribution point for intrusion data. The server receives alerts generated by any number of sensors and stores them in the intrusion database. The alerts can then be logically organized and distributed to you via the management GUI.

By the end of this chapter, you will have a fully functional Snort server. Note, however, that you need some basic knowledge of Unix commands to follow this guide. If you are unsure about a command, you can turn to a number of reference books or online resources.
