Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.
fb06e8471ded78d8a7b31cdabb8b2169OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
6f1ebf4effc89562f6124da3d3d42429Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
6194278217e4e3f733b046256a31f0e6NetSQUID is a Perl script that sits inbetween Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.
19e7aae0da3a00b4c06694f6f8809919FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
012d38e1efe8ea51d1c2f08790bccaf5Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
7772b3d934d1fb3570c05d335ede895dSnort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
76a538d27c23d51dbed43b04c06114e1FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
cc5a7a0a07131d462b94458ca4521724Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the bad hosts for a given amount of time using pfctl.
bd1c5b046fbebc2009da71f4cc6ed39dOpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
43453b81db08a3373a0e55b859d5e139Oinkmaster is simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
1140fb5484944691268579ca7fc83518NetSQUID is a Perl script that sits inbetween Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.
ef5f44b783aab6c76b7c6289cdebcac3OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
83bc704655e4578d092671b549fcf5eaSnortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.
123cb4ec30b782cfe541c6edc25b7642OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
8cdee7b1ed5cffb688bb977ea453c6acSnort signatures that identify the new Sass worm that is propagating.
65392ba74c0fbbd684793905ac32c32dFLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
b920e0a575df8a4a141744e694ff852dCCTDE is designed as an analysis backend for the Snort NIDS tool and focuses on providing a way to register and disclose information leading to the detection of unauthorized tunnels and covert channels.
a0fd7e48315d3e38b1c6a3fd689fb47aSnort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the bad hosts for a given amount of time using pfctl.
3e8d9efbb52be5cc66c33c87de9a740dsntm is a Qt based GUI snort monitor. Currently, it is capable of monitoring multiple snort sensors in a centralized monitor screen. Each snort sensor creates a SSL encrypted communication thread to connect to the monitored server and each communication channel has its own certificate and private key.
21f97dda1395bd2c6b9c5a72b70a2343FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
76a3e5a3bc4d9c95c53631cde6585956Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the bad hosts for a given amount of time using pfctl.
ca1e2c7b3878570256b93f2f405f6f1fSnortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.
b9c0d6a4d1ecfe27848b857da1c4e3a4Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
f53ce230616c1f6aafedf546a7cc0f0fCCTDE is designed as an analysis backend for the Snort NIDS tool and focuses on providing a way to register and disclose information leading to the detection of unauthorized tunnels and covert channels.
0ee9ae61c16fdaa0acb6d139485636bc
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed