Snort mailing list archives
RE: SnortSMS
From: "Eric Hines" <eric.hines () appliedwatch com>
Date: Tue, 24 May 2005 19:55:30 -0500
Tony, Interesting, that's the first time I've seen that project. In looking at the screenshots, its basically ACID/BASE with Sensor management minus the alert console and reports, right? Raju: I'm sure Tony realized its inability to display alert data and was looking at it purely for Snort sensor management. I'm sure he was planning to utilize that project to manage his sensors alongside another Snort alerting console. Best Regards, Eric Hines, GCIA, CISSP CEO, President, Chairman Applied Watch Technologies, LLC 1134 N. Main St. Algonquin, IL 60102 Tel: (877) 262-7593 e:327 Fax: (877) 262-7593 Mob: (847) 456-6785 Web: http://www.appliedwatch.com ---------------------------------------------------------------------------- - Enterprise Snort Management at http://www.appliedwatch.com. Security Information Management for the Open Source Enterprise. ---------------------------------------------------------------------------- - -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of M Raju Sent: Tuesday, May 24, 2005 7:01 PM To: Anthony J Placilla Cc: snort-users () lists sourceforge net Subject: Re: [Snort-users] SnortSMS These (web frontends) are nice, but what else can you do with alert data? Does it provide a way to drill down and check for false positives, access to raw data (pcaps), etc? What about session, stat data? Without the above it is hard if not nearly impossible to validate intrusions. The only suite I have found so far that really helps me tremendously is SGUIL (http://sguil.sf.net) Check it out yourself and if you have any questions come join us at #snort-gui on freenode... Cheers.. _Raju On 5/24/05, Anthony J Placilla <anthony_placilla () suth com> wrote:
Has anyone used SnortSMS (http://snortsms.servangle.net/) for sensor management? If so could you share your experiences -- Tony Placilla, RHCT anthony_placilla () suth com J.O.A.T. GPG-Key-ID: 1024D/C78F8B64 http://pgp.mit.edu Key fingerprint = A8D5 7AFF CE88 4179 C792 D9A9 F197 2A15 C78F 8B64 ------------------------------------------------------- This SF.Net email is sponsored by Yahoo. Introducing Yahoo! Search Developer Network - Create apps using Yahoo! Search APIs Find out how you can build Yahoo! directly into your own Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- May the packets be with you. ------------------------------------------------------- This SF.Net email is sponsored by Yahoo. Introducing Yahoo! Search Developer Network - Create apps using Yahoo! Search APIs Find out how you can build Yahoo! directly into your own Applications - visit http://developer.yahoo.net/?fr______________________________________________ _ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list ------------------------------------------------------- This SF.Net email is sponsored by Yahoo. Introducing Yahoo! Search Developer Network - Create apps using Yahoo! Search APIs Find out how you can build Yahoo! directly into your own Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- SnortSMS Anthony J Placilla (May 24)
- Re: SnortSMS M Raju (May 24)
- RE: SnortSMS Eric Hines (May 24)
- Re: SnortSMS M Raju (May 24)