[Snort-users] Looking for tool to generate isp/domain notific ation emails....
Potts, Ross A.
RPOTTS at ...5660...
Fri May 10 09:28:04 EDT 2002
Well, SnortSnarf will at least can the whois lookups for you on a number of
sites. I use webalizer in conjunction because It will reverse lookup at
least what hits the webserver. I have thus far unsuccessfully tested
reconfiguring Snarf to do a few extra things to make my life easier. I'm
From: Kevin Riggins [mailto:kriggins at ...5810...]
Sent: Friday, May 10, 2002 9:17 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Looking for tool to generate isp/domain notification
Once upon a time, I seem to remember seeing a tool that would parse snort
logs, perform the dns/revers/whaterver lookups, generate and send and email
to the parties concerned about an intrusion attempt. Does anybody know
where I can get something like this? I use aris.securityfocus.com right
now, but it is very time consuming. I could roll my own, but, you know,
wheel, reinvent, etc...
2910 Westown Parkway
West Des Moines, IA 50266
mailto: kriggins at ...5810...
phone: +1 (515) 225-2500 x 257
cell: +1 (515) 202-2306
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users