[Snort-devel] Passive mapper

Rob McMillen rvmcmil at ...1029...
Wed May 22 20:32:02 EDT 2002


    I want to write a plugin that passively maps the monitored network to
include active services located within the monitored network.  I think this
might alert to a trojan/backdoor because all of the sudden you have a new
service on a box that didn't used to have that service.
    Two questions:  1)  Is there something like this for snort already?
2)  I want to use graphics to display the network and allow interaction.
What graphics libraries are most common amongst *nix flavors?

Thanks,

Rob





More information about the Snort-devel mailing list