[Snort-users] SnortSnarf version 100400.1

James Hoagland hoagland at ...47...
Wed Oct 4 22:54:54 EDT 2000

Hello everyone,

Silicon Defense is please to announced the release of version 
100400.1 of SnortSnarf, our tool for producing HTML out of snort 
alerts for navigating through these alerts (and doing a whole lot 

There are the changes since the last version:

+ new link on alert pages to run a new CGI script to show an updated list
of alerts as text (if -cgidir option is given)
+ 3 DNS lookup sites now linked to from host pages (sites contrib. by Jim
+ added www.snort.org port lookup links to displayed alerts (contrib. by
Mike Biesele)
+ added wrap=yes to TEXTAREAs in SISR and annotations to improve wrapping on
some browsers.
+ for "see also" links, counts of alerts on other page now included
+ now lists number of distinct IPs on alert pages
+ corrected log file naming for Win32 snort (contrib. by silverdragon)
+ nmap2html: improved page heading (contrib. by Sean Boran)
+ nmap log page links now grey colored
+ internal tidying up of record keeping

We think that especially the first four items will be useful for some 
people, so you might want to update your copy.  A note on the first 
item.  We think that this will be useful if relevant alerts might 
have been added to the alert files since you ran SnortSnarf, if you 
want to be copy and paste alerts easier than you can with HTML 
tables, and if you want to produce a file of alerts similar to what 
Snort does but with only those with a certain IP.

As you can see, several of these changes were based on contributions. 
We'd like to thank all those who have contributed.

As always, you can get more information and download the latest 
version of SnortSnarf from:


Best regards,

|*   Jim Hoagland, Associate Researcher, Silicon Defense    *|
|*               hoagland at ...47...                *|
|*  Voice: (707) 445-4355 x13          Fax: (707) 445-4222  *|

More information about the Snort-users mailing list