Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.
0d4cc0d9d0292a21b04399c87dd4e49064e0a9869488fa79dad3ad54c9986f08OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
6954b53c5533f2bbcd1430594223d437edf739a08e572c6ed370fca5fe17f538Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
ae41768b573a93be6ce056d3b984d9ce0a825eefcd6ec16ffbf5342e77677140NetSQUID is a Perl script that sits inbetween Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.
e294b20574821665b784aa2180752023c5d7f67c8afdde8d55474a88ec998551FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
84b189826dc1420aa93d5606a2abac3ef90da339f45f43d57b91514047c8d749Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
ba5053c0fa657843dd5104e29603b9ac0dc972aad91e0e15001b112f0afe169bSnort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
58e197fb51af2ae398f50f9e4f08749e94e5572cc6ef82bf74b7560f4236a419FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
c7135d1f5ec0ac1b70c5dee0e15814bc3abb9d0b97f74703fb107e31cccd0262Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the bad hosts for a given amount of time using pfctl.
438ba365303935c1d4822a8472364a15a56ff6dce642980908580f29c811abf3OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
77b12ac17e409a561b564cf05f38a1870ee616305166f1153043e242df097cefOinkmaster is simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
acd85eeb4b35eecc6aace83f16e870501f129c00ce925eb81da5576ff45a6827NetSQUID is a Perl script that sits inbetween Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.
bcfefe2bdad05e3ef87f47860826e2d5667e3b1be86bc86bd387cc276c4aff77OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
7964cfa752ea4d3d2d61f55640d29d955fe4816bdb4dfa5909ebd77913d66e28Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.
dbcac34e5da90620dee84d0b4c7628ffdf1deee52df83e0dca77b9cbbd32131dOpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
c18542b3573a52576b2f5147617087abdddfce6272575db7305f6a5c9682011eSnort signatures that identify the new Sass worm that is propagating.
b69ecb8046fb28e2ec5770410354925379943778ef8847ca1a3d9898bd74f9bcFLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
04994cfedd9e83f32136db04988decc0e80f2c11ced7ef66a846e4c138e85dc6CCTDE is designed as an analysis backend for the Snort NIDS tool and focuses on providing a way to register and disclose information leading to the detection of unauthorized tunnels and covert channels.
0d547e754b02df848f6c4d655587f1f6450a799b688c2490123a87451ca09372Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the bad hosts for a given amount of time using pfctl.
645985c864ee2def03af54683bae97aab3fc6fbed5f1005cadec0de5a6405ee4sntm is a Qt based GUI snort monitor. Currently, it is capable of monitoring multiple snort sensors in a centralized monitor screen. Each snort sensor creates a SSL encrypted communication thread to connect to the monitored server and each communication channel has its own certificate and private key.
be0f032160e7a7dbe339259015a5e5ab94ed2b3feafd0ce100e1331d07963422FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
75ac3155f76640bd2ff01ff755ca681bd8380fed8b2ea694406d455d9e5393b1Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the bad hosts for a given amount of time using pfctl.
3d9a0bfee7572f4bfdbabc635748203efd9db23d46369073d9c9bc4549d93caaSnortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.
771a592c0b7e06103d663eab2d32b275b9d1e635916b545ba55d1dc3587350e4Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
0ab6801cdd4b46d3daa4544977306a6f222ca51e110966e0c2ce1900fd535506CCTDE is designed as an analysis backend for the Snort NIDS tool and focuses on providing a way to register and disclose information leading to the detection of unauthorized tunnels and covert channels.
8cf44524aeec333268aa73ad3f6091da455b0506221fd4436901b5aaf1f5763f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed