[Snort-devel] Barnyard Solaris 8 compile issue

James Hoagland hoagland at ...60...
Thu May 2 08:47:41 EDT 2002


>Thanks for all of your great work.
>Oh 1 more thing, I am trying to convince my company to write a new front
>end to snort because acid, then one I mostly use does not offer enough
>functionality for a service provider.  I would welcome any suggestions
>of other software that may do the job better.  Or features that you
>think may enhance your experience as an end user.

Have you checked out SnortSnarf?  It can be used in batch mode and 
has even been used successfully in semi-realtime mode (key to that is 
the # of alerts (not overwhelming) and adequate RAM).  Pretty soon we 
expect a SnortSnarf input module to be available that can read from a 
database.  You can also check out Demarc, which was partly inspired 
by SnortSnarf; I haven't tried it to know whether to suggest it or 
not.

If you are interested in an appliance, you can also check out Silicon 
Defense's commercial offerings, which now include a console.  There 
are other players in this market too.

Good luck,

   Jim
-- 
|*      Jim Hoagland, Associate Researcher, Silicon Defense      *|
|*            --- Silicon Defense: IDS Solutions ---             *|
|*  hoagland at ...60..., http://www.silicondefense.com/  *|
|*   Voice: (530) 756-7317                 Fax: (530) 756-7297   *|




More information about the Snort-devel mailing list