[Snort-sigs] Snort front ends
mkettler at ...189...
Thu Feb 12 08:11:05 EST 2004
At 05:03 PM 2/11/2004, Trevor Daucsavage wrote:
>I know this isn't the *correct* forum for this type of question, so I
>apologize in advance. I ask anyway because I figure you guys are the
>ones who use snort best and most often.
>My question is this: Does anyone have any recommendations for a snort
>front-end? We're trying to find some kind of package that can use to
>ease install of signatures and maybe even nice graphs and alerting.
>Again I apologize if I've offended anyone.
I don't think you've outright offended anyone.. but you have at least
Why not ask on snort-users?
For reference, I write some custom sigs, which is why I subscribe here.
Most of the time I deal with raw snort output and don't use any front ends
I use tcpdump binary logging of packets, and full alerts.
Not the most efficient setup speed-wise, but effective enough for my use.
On occasion I use snortsnarf if I need a lot of output presented in an
More information about the Snort-sigs