Snort mailing list archives
IDScenter 1.1 RC2 and Eagle X 1.0.1 released!
From: Ueli Kistler <iuk () gmx ch>
Date: Mon, 10 Feb 2003 10:38:40 +0100
Hello, IDScenter 1.1 RC2 is out! Available on www.packx.net. Fixed: Stream4, Frag2 preprocessors setup, some minor bugsEagleX 1.0.1: fixed the database access problem and comes with a new configuration tool. - Eagle X configuration sets Snort service to start automatically (no need to set up this manually, or compile Snort again with another service configuration) - Digest authentication support (but Internet Explorers implementation is not "compatible" with Apache ;) .. means uri field is set wrong, but if you use Mozilla or Opera it works) -> MD5 checksum is calculated by the configuration tool (htdigest.exe is still included in the package though)
-> RFC2617 (Resource: http://ftp.ics.uci.edu/pub/ietf/http/rfc2617.txt) (going back to work now.. have a nice day) If you don't know IDScenter, here's a description: What is IDScenter? ==================IDScenter is a configuration and and management tool for Snort IDS on Windows platforms.
Download: www.packx.net Features ========* Snort 1.9 / 1.8 / 1.7 support
o easy access to all settings o Interface listing using WinPCAP * Snort service mode support o IDScenter takes over control of the Snort service * Snort configuration wizard o Variables o Preprocessor plugins o Output plugins o Rulesets * Ruleset editor: supports all Snort 1.9.1 rule options o Easily modify your rules o Import rules from files or websites into existant rulesets * AutoBlock plugins: write your own plugins (DLL) for your firewallo ISS NetworkICE BlackICE Defender plugin included (possibility to block IP's, TCP and UDP ports, set block duration) o Delphi framework included for fast writing new plugins for other firewalls
o Prevents problems in plugins to propagate to IDscenter * Alert notification via e-mail, alarm sound or only visual notification o Possibilty to send the last # lines of your Snort logo Notification of attack is also possible with Snort logging to MySQL o Add attachments (e.x. the current process list generated by another program) * Test configuration feature: fast testing of your IDS configuration (Snort rule syntax checking etc.)
* Monitoring: o Alert file monitoring (up to 10 files)o MySQL alert detection: allows centralized monitoring of all Snort sensors (e.x. if you have a Notebook with WLAN adapter you can be alerted whereever you are)
* Log rotation (compressed archiving of log files) o Set log rotation period (day, week, month, interval) o Organisation of backup logs * Integrated log viewer o Log file viewer o XML log file viewer o HTML/website viewer (support for ACID, SnortSnarf, etc.) * Program execution possible if an attack was detected * .. and more! Regards, Eclipse eclipse () packx net www.packx.net ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- IDScenter 1.1 RC2 and Eagle X 1.0.1 released! Ueli Kistler (Feb 10)