[Snort-users] what is the latest IDS management tool ?

Marcio Guerreiro marcio.guerreiro at ...16117...
Fri May 29 06:16:14 EDT 2015

Hi everyone


I am looking for the latest SNORT IDS management tool to send alerts via
email, display a graphical interface, etc.


I have been reading a lot of books that mention Snort SAM, Snortfw,
guardian, EasyIDS, ELSA, IDScenter; however, it seems that those tools are 5
to 10 years old.


I would like to know what is the latest and updated management tool that is
being used to send email alerts and as a management console in the market.


Thank you very much in advance.


Marcio Guerreiro





From: Robert Lasota [mailto:wrkilu at ...3879...] 
Sent: 29 May 2015 08:51
To: snort-users
Subject: [Snort-users] PulledPork stopped updating and starts duplicate



Has anybody met with such a strange case? I mean, I had a working PulledPork,
then I changed something (but I don't even know what, because I found out
about that later), and now during a run it doesn't display what it
updates/changes in the rules, and it also starts to duplicate rules! After every next
run I get in the rules directory these same files with rules but with the
same rules added as later :(


./pulledpork.pl -P -k -I security -c etc/pulledpork.conf

      _____ ____
     `----,\    )
      `--==\\  /    PulledPork v0.7.0 - Swine Flu!
     .-~~~~-.Y|\\_  Copyright (C) 2009-2013 JJ Cummings
  @_/        /  66\_  cummingsj at ...11827...
    |    \   \   _(")
     \   /-| ||'--'  Rules give me wings!
      \_\  \_\\

Checking latest MD5 for snortrules-snapshot-2962.tar.gz....
        They Match
Prepping rules from snortrules-snapshot-2962.tar.gz for work....
Reading rules...
Reading rules...
Activating security rulesets....
Modifying Sids....
Processing /tmp/pulledpork-0.7.0/etc/enablesid.conf....
        Modified 0 rules
Processing /tmp/pulledpork-0.7.0/etc/dropsid.conf....
        Modified 0 rules
Processing /tmp/pulledpork-0.7.0/etc/disablesid.conf....
        Modified 0 rules
Setting Flowbit State....
        Enabled 777 flowbits
        Enabled 25 flowbits
        Enabled 4 flowbits
        Enabled 2 flowbits
Writing rules to unique destination files....
        Writing rules to /tmp/rules/
Generating sid-msg.map....
Writing v1 /tmp/sid-msg.map....
Fly Piggy Fly!
[root at ...17180... pulledpork-0.7.0]


What is going on?



