[Snort-users] getcontact utility

Joe McAlerney joey at ...47...
Tue Jun 19 13:58:07 EDT 2001


Hello Paul,

You may want to check out the SnortSnarf Incident Storage and Response
(SISR) module that hooks into SnortSnarf.  It will generate the contact
address based on whois lookups, and use it in an e-mail message
constructed by a template of your choice.  This is all done in web-based
forms.

SnortSnarf: http://www.silicondefense.com/software/snortsnarf/
SISR README:
http://www.silicondefense.com/software/snortsnarf/readme.sisr.shtml

Hope this helps,

-Joe M.

-- 
|   Joe McAlerney     joey at ...155...   |
| Silicon Defense - Technical Support for Snort |
|       http://www.silicondefense.com/          |
+--                                           --+

"Sheahan, Paul (PCLN-NW)" wrote:
> 
> Hello,
> 
> I am looking for a utility to use with Snort (running on Linux) similar to
> the "Getcontact" utility seen on snort.org. It would be nice to be able to
> automatically lookup contacts for the different ISPs and send out emails
> when certain attacks occur. Does anyone have a script they could share that
> could do this?
> 
> Getcontact seems to be made for the Windows version of Snort and I don't
> know how to get it to work under Linux.
> 
> Thanks!
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list