Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: guardian + snort

From: "Matt Bridges" <matt.bridges () fasthosts co uk>
Date: Sat, 8 Sep 2001 17:27:19 +0100
I am currently writing a system that encompasses all of guardians features
but logs to a central database.  It will support portscan logs.

Matt

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net]On Behalf Of Jyri Hovila
Sent: Saturday, September 08, 2001 3:35 PM
To: snort-users () lists sourceforge net
Subject: RE: [Snort-users] guardian + snort


Hi Dariusz, and welcome! =)

Guardian does not understand log entries written by spp_portscan. I
believe someday someone is going to make a script which can handle
spp_portscan alerts too. If you can code with Perl, you can become that
person. =) Guardian.pl is pretty simple, it shouldn't be difficult to
modify it.

Yours,

Jyri


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: