[Snort-users] SnortSMS

M Raju protocoljunkie at ...11827...
Tue May 24 17:04:14 EDT 2005


These (web frontends) are nice, but what else can you do with alert
data? Does it provide a way to drill down and check for false
positives, access to raw data (pcaps), etc? What about session, stat
data?


Without the above it is hard if not nearly impossible to validate
intrusions. The only suite I have found so far that really helps me
tremendously is SGUIL (http://sguil.sf.net)

Check it out yourself and if you have any questions come join us at
#snort-gui on freenode...

Cheers..

_Raju 

On 5/24/05, Anthony J Placilla <anthony_placilla at ...12807...> wrote:
> Has anyone used SnortSMS (http://snortsms.servangle.net/)
> for sensor management? If so could you share your experiences
> 
> --
> Tony Placilla, RHCT
> anthony_placilla at ...12807...
> 
> J.O.A.T.
> 
> GPG-Key-ID: 1024D/C78F8B64              http://pgp.mit.edu
> Key fingerprint = A8D5 7AFF CE88 4179 C792  D9A9 F197 2A15 C78F 8B64
> 
> 
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by Yahoo.
> Introducing Yahoo! Search Developer Network - Create apps using Yahoo!
> Search APIs Find out how you can build Yahoo! directly into your own
> Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 


-- 
May the packets be with you.




More information about the Snort-users mailing list