Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.
481fcdc8655cc5642407240eb0427fb02075e7905d20eac72e11515b19dca083IDS Policy Manager was written to manage Snort IDS sensors in a distributed environment. This is done by having the ability to take the text configuration and rule files and allow you to modify them with an easy to use Graphical interface. With the added ability to merge new rule sets, manage pre processors, control output modules and scp rules to sensors, this tool makes managing snort easy for most security professionals.
51187a7ec1aaf48843ca3917132561b22aa02a4055ccda784669bae0fcb10d98covertsession is a command line tool that allows you to create a TCP session that IDS sensors cannot parse correctly. What this tool lets you do is inject bytes into your outbound data stream that an IDS sensor will treat as part of the data stream but the remote OS will ignore. If used correctly it can cause a signature not to match. This tool provides command line options to control how bytes are injected. It can use a file as its source of input. Or it can listen on a local port, redirecting the TCP session covertly to an IP:Port specified on the command line. Tested against Snort 2.2.
0ae15acc4feea9b3deae43d9277a060af770fcb25fc29192f6682a0b370d77d1Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
1eb6ebef1bf8d3b85f10a542c3380392bd5a089bd210a52758f642269fe9ce8bSnort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
9c45b1d95fbc8e717de6017f6d007512d1d5d855d9c9a10b3107b5754c040dacUSR-Guard acts as a bridge between Snort and a US Robotics 9105 ADSL router. When a snort alert is generated, USR-Guard will connect into your US Robotics router and add rules to block the host. This block is then removed after a defined period of hours.
764b2b47709981a3d439be75ac13bb7b80ff9c8b37c2569add38c5f3781ead40BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.
ce6ebc5e75d69be73eaad1a544ad66ac2349127303622e8199b3a2d7b246f196SAM is a Real-Time Snort alert monitor. SAM provides many ways to indicate that you may be experiencing an intrusion attempt on your network including audio/visual warnings, email warnings, etc. SAM is written in Java for maximum portability.
929d2393ad3c51b332c51d5ed5b719af9eecb320eeb70f34a4f5bad03ffd3979Aanval is a web based Snort intrusion detection console. Currently supporting Snort and syslog, Aanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. Several primary features are account hierarchy, data-archiving, real-time data displays, auto signature updating, sensor management tools, easy upgrading, advanced searching, artificial intelligence, timezone control, charts/graphs, query saving and more.
3c0a3023b264dbaaa65785291bca02ad2f778cb607ecb3bc916125dc2fd7271dSAM is a Real-Time Snort alert monitor. SAM provides many ways to indicate that you may be experiencing an intrusion attempt on your network including audio/visual warnings, email warnings, etc. SAM is written in Java for maximum portability.
c40fa01249c626bf864be81898357d0aceb73a0915fbc7b5a83e3626b861ad2eIDS Policy Manager was written to manage Snort IDS sensors in a distributed environment. This is done by having the ability to take the text configuration and rule files and allow you to modify them with an easy to use Graphical interface. With the added ability to merge new rule sets, manage pre processors, control output modules and scp rules to sensors, this tool makes managing snort easy for most security professionals.
fce92a285eaf9b9b22e83b109b315e21722dc3594d70a426b0c0e04983b48eefFLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
d1bed331cdc280f6652f5dddcd5097c97252fcf70aeb2a28db3bf8103cf1886aSnort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
e49c838f75cdb2e17b23615fb4f9edca1937914ebd4c5588a5633fd1fb4d7016BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.
1e57c153c45c04efda93669e385d5e0724a63e6a2828c14b4dc49f6468da06b0Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the bad hosts for a given amount of time using pfctl.
308149e0fcd8bf054c406a330a2f2b9c78a536d24b8a64593e8a8b68667a9a2dPlacid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
232304444140a229233a2a2f5ffa8372f4a9ca1473863c40183b8ccaded97bf6BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.
d861520edf1e90488b1d049837fa31a1ff3c760e45b251e23ed9f54afb7e720fOpenaanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, openaanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. Several primary features are account hierarchy, data-archiving, real-time data displays, auto signature updating, sensor management tools, easy upgrading, advanced searching, artificial intelligence, timezone control, charts/graphs, query saving and more.
194a66c052f386871eac6a3eb614883587e5e68057206c19569276cbddf5bb23BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.
a715621564524c48753d530f47e87674d1aeb6f9476ad608f5cbbed746e1d251The snortSnmpPlugin enables snort to send SNMP alerts to network management systems (NMS). The alerts can be traps (the alert will not be acknowledged by the receiver) or informs (the alert will be acknowledged by the receiver ). This is version 2.2.0-01.
44d5265b9d04e1782de2350a0151bec4e8ab23e871e6d6244258e461efce687fVersion 1.1 of Oinkmaster. Oinkmaster is simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
60217e5b157b416fbf30272d50b237c49bf15f150e1f2e9b55e3619991f3f854FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
de9859f2c2243192424efaf4af7a033ed888c7455ef387de82c975d61e65a030OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
f4b7fec0c8497ee77587eb5499c23917d90a41b5e63e37a2cfc6f69da6af68c1Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
b9ed5948f9f5d7ab54fbfbb89c074ec6b54bc6491627c28693e3e852342502f4BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.
5e2de03ae3a29fbeb42b795289a23f1f27bbb4e951203b99eef70a1694be5de3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed