Snort mailing list archives
Re: Firing off Abuse email based on Snort Traffic
From: Todd Holloway <todd () duckland org>
Date: Fri, 30 May 2003 10:52:52 -0500
I have not tried this program yet...but it may help. http://freshmeat.net/projects/incident.pl/ About: incident.pl is a small script that, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators. Author: Viraj Alankar todd On Thu, May 29, 2003 at 10:44:52AM -0700, Matt Howell wrote:
All... We are starting to really see the benefit of our Snort deployment project, and inevitably the project's scope has been expanded. We would like to set up a Sensor to automatically send Abuse emails to the ISP of any hosts that break our Portscan threshold. Has anyone seen a project / product out there that does this already? Any input would be appreciated... TIA, -Matt ------------------------------------------------------- This SF.net email is sponsored by: eBay Get office equipment for less on eBay! http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- The most likely way for the world to be destroyed, most experts agree, is by accident. That's where we come in. We're computer professionals. We cause accidents. Nathaniel Borenstein, inventor of MIME. ------------------------------------------------------- This SF.net email is sponsored by: eBay Get office equipment for less on eBay! http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Firing off Abuse email based on Snort Traffic, (continued)
- Re: Firing off Abuse email based on Snort Traffic Matt Howell (May 29)
- Re: Firing off Abuse email based on Snort Traffic Skip Carter (May 29)
- Re: Firing off Abuse email based on Snort Traffic Budi Rahardjo (May 29)
- Re: Firing off Abuse email based on Snort Traffic Michael H. Warfield (May 29)
- Re: Firing off Abuse email based on Snort Traffic Frank Knobbe (May 29)
- Re: [OT] Firing off Abuse email based on Snort Traffic Matt Kettler (May 30)
- Re: [OT] Firing off Abuse email based on Snort Traffic Matt Howell (May 30)
- Re: [OT] Firing off Abuse email based on Snort Traffic james (May 30)
- RE: Firing off Abuse email based on Snort Traffic Matt Howell (May 29)