[Snort-users] guardian + snort

Matt Bridges matt.bridges at ...3375...
Sat Sep 8 09:34:01 EDT 2001

I am currently writing a system that encompasses all of guardians features
but logs to a central database.  It will support portscan logs.


-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Jyri Hovila
Sent: Saturday, September 08, 2001 3:35 PM
To: snort-users at lists.sourceforge.net
Subject: RE: [Snort-users] guardian + snort

Hi Dariusz, and welcome! =)

Guardian does not understand log entries written by spp_portscan. I
believe someday someone is going to make a script which can handle
spp_portscan alerts too. If you can code with Perl, you can become that
person. =) Guardian.pl is pretty simple, it shouldn't be difficult to
modify it.



Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list