[Snort-users] Snort-Gui Editing Rules

Raffael Maio Vador at ...1224...
Mon Oct 18 10:59:15 EDT 2004

I tried to install the snortcenter2 but there is no doc about it on the
sourcforge site. Does a documentation exist ??? 

-----Message d'origine-----
De : snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] De la part de Alex Butcher,
Envoyé : vendredi, 15. octobre 2004 09:42
À : Jose Maria Lopez; snort-users at lists.sourceforge.net
Objet : Re: [Snort-users] Snort-Gui Editing Rules

--On 14 October 2004 23:40 +0200 Jose Maria Lopez <jkerouac at ...12346...> 

> El mié, 29 de 09 de 2004 a las 20:07, Raffael Maio escribió:
>> I?m searching for the best GUI interface to edit rules with snort. I
>> have make research, and I find some good product I think like
>> Snortcenter and Oinkmaster.
> I don't know the actual state of snortcenter, but it was a little buggy
> when I tried.

The CVS tree for Snortcenter2 on sourceforge should be mostly OK with Snort 
<=2.2.0 rulesets. But neither Jason nor myself have had much time to work 
on it for a while. Also, I've switched to oinkmaster and some shellscripts 
to manage snort rules, now that I don't need to cater for our less 
technical administrators.

> Oinkmaster it's the best way to add rules to your snort
> box, but it doesn't have a GUI.

It does, actually - written in Perl/Tk. I can't say I've used it though.

> You can also check the Webmin module for snort, but I think it's a little
> outdated.

Other alternatives are:

- <http://rman.sourceforge.net/>, which is OK, but doesn't really buy you 
much above using a text editor, IMHO.

- <http://www.activeworx.org/>, which looks nice, but doesn't have an 
'expert mode' allowing you to modify rules. It's also Windows-only (though 
it could manage UNIX sensors).

>> Are there another product ???
> Maybe some commercial product like Demarc or Sourcefire software
> can do that, but I have never checked, so I can't tell you.

Sourcefire certainly can. I think Demarc's products can, too.

Best Regards,
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9

This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list