Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.
0d4cc0d9d0292a21b04399c87dd4e49064e0a9869488fa79dad3ad54c9986f08
OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
6954b53c5533f2bbcd1430594223d437edf739a08e572c6ed370fca5fe17f538
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
ae41768b573a93be6ce056d3b984d9ce0a825eefcd6ec16ffbf5342e77677140
NetSQUID is a Perl script that sits inbetween Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.
e294b20574821665b784aa2180752023c5d7f67c8afdde8d55474a88ec998551
FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
84b189826dc1420aa93d5606a2abac3ef90da339f45f43d57b91514047c8d749
Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
ba5053c0fa657843dd5104e29603b9ac0dc972aad91e0e15001b112f0afe169b
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
58e197fb51af2ae398f50f9e4f08749e94e5572cc6ef82bf74b7560f4236a419
FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
c7135d1f5ec0ac1b70c5dee0e15814bc3abb9d0b97f74703fb107e31cccd0262
Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the bad hosts for a given amount of time using pfctl.
438ba365303935c1d4822a8472364a15a56ff6dce642980908580f29c811abf3
OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
77b12ac17e409a561b564cf05f38a1870ee616305166f1153043e242df097cef
Oinkmaster is simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
acd85eeb4b35eecc6aace83f16e870501f129c00ce925eb81da5576ff45a6827
NetSQUID is a Perl script that sits inbetween Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.
bcfefe2bdad05e3ef87f47860826e2d5667e3b1be86bc86bd387cc276c4aff77
OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
7964cfa752ea4d3d2d61f55640d29d955fe4816bdb4dfa5909ebd77913d66e28
Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.
dbcac34e5da90620dee84d0b4c7628ffdf1deee52df83e0dca77b9cbbd32131d
OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
c18542b3573a52576b2f5147617087abdddfce6272575db7305f6a5c9682011e
Snort signatures that identify the new Sass worm that is propagating.
b69ecb8046fb28e2ec5770410354925379943778ef8847ca1a3d9898bd74f9bc
FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
04994cfedd9e83f32136db04988decc0e80f2c11ced7ef66a846e4c138e85dc6
CCTDE is designed as an analysis backend for the Snort NIDS tool and focuses on providing a way to register and disclose information leading to the detection of unauthorized tunnels and covert channels.
0d547e754b02df848f6c4d655587f1f6450a799b688c2490123a87451ca09372
Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the bad hosts for a given amount of time using pfctl.
645985c864ee2def03af54683bae97aab3fc6fbed5f1005cadec0de5a6405ee4
sntm is a Qt based GUI snort monitor. Currently, it is capable of monitoring multiple snort sensors in a centralized monitor screen. Each snort sensor creates a SSL encrypted communication thread to connect to the monitored server and each communication channel has its own certificate and private key.
be0f032160e7a7dbe339259015a5e5ab94ed2b3feafd0ce100e1331d07963422
FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
75ac3155f76640bd2ff01ff755ca681bd8380fed8b2ea694406d455d9e5393b1
Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the bad hosts for a given amount of time using pfctl.
3d9a0bfee7572f4bfdbabc635748203efd9db23d46369073d9c9bc4549d93caa
Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.
771a592c0b7e06103d663eab2d32b275b9d1e635916b545ba55d1dc3587350e4
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
0ab6801cdd4b46d3daa4544977306a6f222ca51e110966e0c2ce1900fd535506
CCTDE is designed as an analysis backend for the Snort NIDS tool and focuses on providing a way to register and disclose information leading to the detection of unauthorized tunnels and covert channels.
8cf44524aeec333268aa73ad3f6091da455b0506221fd4436901b5aaf1f5763f