[OT] [Snort-users] Firing off Abuse email based on Snort Traffic
hackerwacker at ...9340...
Fri May 30 16:57:05 EDT 2003
I think securityfocus or incidents.org allow you to up load your snort
files and then select who gets an abuse e-mail. With thousands of alerts a day
it just became too much to deal with, as many alerts do not deserve an e-mail.
Snort Snarf has a XML function that allows you to view the alerts and send e-mails right
from the web page. Have not played with this one yet.
Key here is that human intervention and decisions need to be made before e-mails are sent.
More information about the Snort-users