Rule Management for Snort

[Mark Vevers <mark () ifl net>]

Hi,

For those of you who use ACID and have alternative monitoring arrangements
to Demarc for your network, but would like centralized rule management
for Snort I have written a small PHP addon - RuleMANagaer for Snort:

Main Features:
   Multiple Sensors with different rule sets (managed by rule group).
   Ruleset merging from latest snort rules or your own rulesets.
   Automatic sensor update and snort-restart.
   Rule Editing and Creation.
   Uses central snort MySQL Database.
   Open Source GPL License.

The software is currently at 0.0.2 alpha stage, but is used in a real live
environment to control a group of sensors.

   URL: http://rman.sourceforge.net
   Project URL : http://sourceforge.net/projects/rman

The next stage is to add variable management and rule filters to allow
sensors to pick up their variables from the db and vary them by
sensor-rulegroup combinations.

If you want to contribute to the project please let me know.  Any comments
etc. welcome.   The more feedback I get the more I'll work on the code!
I hope some people may find it of use.

Regards,

Mark Vevers

--
Mark Vevers.    mark () ifl net / mvevers () rm com
Internet Backbone Engineering Team
Internet for Learning, Research Machines Plc
Tel: +44 1235 823380,   Fax: +44 1235 823424



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users