[Snort-users] Analysis Console for Incident Databases - initial release
roman at ...438...
Mon Sep 11 21:31:38 EDT 2000
Well since you asked ... I just made some quick (very crude) screen
captures located at the following link:
I look forward to hearing suggestions, wishlists, and bugs!
<roman at ...438...>
On Mon, 11 Sep 2000, Martin Roesch wrote:
> Woah, this sounds highly cool. Got any screen shots? I think I know
> doing tonight.... :)
> Roman Danyliw wrote:
> > Greetings!
> > ACID, Analysis Console for Incident Databases, is a PHP analysis
> > search and process a database of alerts generated by IDSes, among them
> > Snort (and the database plug-in). A current list of features
> > - Search interface for finding alerts matching practically any
> > This includes arrival time, signature time, source/dest
> > flags, payload, etc. Furthermore, these queries can be made
> > arbitrarily complex to satisfy almost any parameters.
> > - Statistics:
> > - % of traffic for each protocol
> > - Alerts: # of src/dst IP, last/first arrival time
> > - Graph # of arrived alert over a period of time
> > - last x-number of alerts by protocol
> > - All features are provided in real-time
> > This application was developed at the CERT Coordination Center as a
> > of the AIRCERT project. See http://www.cert.org/kb/acid for the most
> > date information and documentation about this application.
> > Download: http://www.cert.org/kb/acid/acid.0.9.2.tar.gz
> > Mirror: http://www.andrew.cmu.edu/~rdanyliw/snort/
> > Please send bug-reports and wish-lists.
> > Roman Danyliw
> > <roman at ...438...>
> > <rdd at ...241...>
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > http://lists.sourceforge.net/mailman/listinfo/snort-users
> Martin Roesch
> roesch at ...421...