[Snort-users] (no subject)

JP Vossen vossenjp at ...8683...
Thu Jul 24 20:03:26 EDT 2003


> Date: Thu, 24 Jul 2003 15:14:47 -0400
> From: Kevin Peuhkurinen <kevin.peuhkurinen at ...7732...>
> To:  snort-users at lists.sourceforge.net
> CC:  snort-users at ...9230...
> Subject: [Snort-users] New snortcenter project idea

<snip>

> It seems to me that the community needs an open source GUI for Snort.

What about http://sguil.sourceforge.net/?

"Sguil (pronounced "sgweel") is a graphical interface to snort, an open source
intrusion detection system. The actual interface and GUI server are written in
tcl/tk. Sguil uses other open source software including barnyard, mysql,
ethereal, tcpflow, and awhois.sh. Sguil currently functions as an analysis
interface and has no snort sensor or rule management capabilities. Those
features are currently being worked on and will be included in a later
release."

Sounds exactly like what you are talking about to me.


> Unfortunately, IDS Policy Manager is crap,

I disagree.  It has a narrow focus, true but in its niche it is a nice peice
of work.  In particular, I find the GUI layout makes Snort configuration and
rules easier to grasp when new to Snort.  For that reason I often recommend
that newbies install it just to look at, even if they are not going to
actually use it.


> is Win32 only, and isn't open source anyway.

True.  Also in the interest of full discolsure I should note that I've made a
number of feature suggestions for that product, all of which were promptly
added...


Later,
JP
------------------------------|:::======|--------------------------------
JP Vossen, CISSP              |:::======|         jp{at}jpsdomain{dot}org
My Account, My Opinions       |=========|       http://www.jpsdomain.org/
------------------------------|=========|--------------------------------
"The software said it requires Windows XP or better, so I installed
Linux..."





More information about the Snort-users mailing list