[Snort-users] Newbie question, Diff between SnortSnarf & Acid
Leigh David Heyman
leigh at ...5300...
Tue Mar 19 06:03:03 EST 2002
I'm not sure that there's any single source which compares the two, but in
short, they're very different due to the source of the data that they're
presenting. SnortSnarf parses raw (binary or text) log/alert files from snort
into an html result. ACID and Demarc are PHP front-ends which pull their data
from a relational database (mysql,postgresql, others?) backend, this relies on
using snort's database output plugin.
I guess it all depends on how complex your IDS needs are.
I think the best advice is to run them both and see what best meets your needs
(unless you don't want to install/run/configure a sql database, in which case,
just stay with SnortSnarf)
More information about the Snort-users