[Snort-users] Looking for tool to generate isp/domain notific ation emails....

Potts, Ross A. RPOTTS at ...5660...
Fri May 10 09:28:04 EDT 2002

Well, SnortSnarf will at least can the whois lookups for you on a number of
sites.  I use webalizer in conjunction because It will reverse lookup at
least what hits the webserver.  I have thus far unsuccessfully tested
reconfiguring Snarf to do a few extra things to make my life easier.  I'm
getting closer!
 -----Original Message-----
From: Kevin Riggins [mailto:kriggins at ...5810...]
Sent: Friday, May 10, 2002 9:17 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Looking for tool to generate isp/domain notification

Once upon a time, I seem to remember seeing a tool that would parse snort
logs, perform the dns/revers/whaterver lookups, generate and send and email
to the parties concerned about an intrusion attempt.  Does anybody know
where I can get something like this?  I use aris.securityfocus.com right
now, but it is very time consuming.  I could roll my own, but, you know,
wheel, reinvent, etc...



Kevin Riggins

Quester Research

2910 Westown Parkway

Suite 100

West Des Moines, IA 50266

mailto: kriggins at ...5810...

phone: +1 (515) 225-2500 x 257

cell: +1 (515) 202-2306


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20020510/b845f167/attachment.html>

More information about the Snort-users mailing list