[Snort-users] Win32-snort users
hoagland at ...47...
Wed Jul 26 19:56:41 EDT 2000
You might want to check out SnortSnarf
(http://www.silicondefense.com/snortsnarf/). It was originally fully
Unix and Windows NT compatible. Then we added some extra
functionality that probably won't run on Windows (annotations and
SISR come to mind). The main script to generate the set of HTML,
snortsnarf.pl, should run okay, though we have not tried it recently.
If you get it working, let us know. Come to think of it, not many
changes will probably be needed to get the other parts working with
Windows, so if you make any compatibility changes, let us know and we
can incorporate those. It should be easier than writing your own
At 12:19 PM -0700 7/26/00, H Carvey wrote:
>I am using Win32-snort...have been since about a day
>after it was released.
>I'd like to know if anyone else is using it. I'd also
>like to know if anyone else is looking for NT-based
>Perl scripts to put their alerts into some kind of
>Right now, I use a Perl script that produces:
>It pulls snort alerts from the EventLog, and puts them
>in a table. The script then runs nmapNT against each
>of the unique IP addresses.
|* Jim Hoagland, Associate Researcher, Silicon Defense *|
|* hoagland at ...47... *|
|* Voice: (707) 445-4355 x13 Fax: (707) 826-7571 *|
More information about the Snort-users