<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hey,<div class=""><br class=""></div><div class="">not sure if you are doing it „just for fun“</div><div class="">But I run it in Kibana and created some dashboards, which is more flexible I think.</div><div class=""><br class=""></div><div class=""><br class=""></div><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On 23.01.2017 at 16:02, Diego Brum &lt;<a href="mailto:diego.brum@...979...17765..." class="">diego.brum@...17765...</a>&gt; wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class=""><span id="gmail-result_box" class="gmail-" lang="en"><span class="gmail-">I'm working on 
the project <a href="https://github.com/MatthewClarkMay/geoip-attack-map" class="">https://github.com/MatthewClarkMay/geoip-attack-map</a> and 
developed scripts that normalize the snort log and send it to the attack
 map.</span> <span class="">I use swatch and shell scripts.</span> <span class="gmail-">I wonder if anyone cares or has a better idea.<br class=""><br class=""><br class=""><span id="cid:ii_iya81f8q0_159cbd92b4d2c5ce">&lt;mapattack_portfolio.png&gt;</span><br class=""><br class=""></span></span><br class=""><br clear="all" class=""><br class="">-- <br class=""><div class="gmail_signature"><div dir="ltr" class=""><div class=""><div dir="ltr" class=""><div class=""><div dir="ltr" class=""><div class=""><div dir="ltr" class=""><div class=""><div dir="ltr" class=""><div class=""><div dir="ltr" class=""><div style="font-size:small" class=""><b class="">Diego Brum Lima Rocha</b></div><div style="font-size:small" class="">Information Security Technologist at NTIC</div><div style="font-size:small" class="">Instituto Federal de Brasília - IFB</div><div style="font-size:small" class="">61 2103-2129</div><div style="font-size:small" class=""><br class=""><br class=""></div><div class=""><div style="font-size:small;text-align:center" class=""><b class=""><u class=""><i class="">Policies of Perpetual Paranoia</i></u></b></div><div style="font-size:small;text-align:center" class=""><i class=""><br class=""></i></div><div style="font-size:small;text-align:center" class=""><i class="">Adopt universal IT Security policy:</i></div><div style="font-size:small;text-align:center" class=""><i class=""><br class=""></i></div><div style="font-size:small;text-align:center" class=""><font color="#ff0000" class=""><i class="">1- No network is trusted, inside or out</i></font></div><div style="font-size:small;text-align:center" class=""><font color="#ff0000" class=""><i class="">2- No user is fully trusted, anywhere</i></font></div><div style="font-size:small;text-align:center" class=""><font color="#ff0000" class=""><i class="">3- No app's native security is trusted</i></font></div><div style="text-align:center" class=""><font style="font-size:small" color="#ff0000" class=""><i class="">4- The 
bad guys are already inside<br class=""><br class=""><br class=""></i></font><div style="font-size:small;text-align:center" class=""><span style="" class=""><b class=""><i class="">“The human element is a great challenge. Even when investing </i><br class=""><i class="">in security technologies and solutions, if the user does not behave </i><br class=""><i class="">securely, every effort to protect information will be in vain”</i></b></span><br class=""></div><div style="font-size:small;text-align:center" class=""><span style="" class=""><b class=""><i class=""><br class=""></i></b></span></div><div style="font-size:small;text-align:center" class=""><span style="" class=""><b class=""><i class=""><br class=""></i></b></span></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>
</div>
------------------------------------------------------------------------------<br class="">Snort-users mailing list<br class=""><a href="mailto:Snort-users@...3783...net" class="">Snort-users@lists.sourceforge.net</a><br class="">Go to this URL to change user options or unsubscribe:<br class="">https://lists.sourceforge.net/lists/listinfo/snort-users<br class="">Snort-users list archive:<br class="">http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users</div></blockquote></div><br class=""></div></body></html>