Security Basics mailing list archives

Re: Log Analysis


From: Mattias Hedenskog <tsixla () antisec net>
Date: Tue, 3 Dec 2002 09:08:03 +0100

Hi..

Well, that just depends on what service you're referring to? There is a bunch of 
them out there. 
Personally I prefer ACID (http://acidlab.sourceforge.net) for Snort and 
Fireparse (http://aaron.marasco.com/linux.html) for Iptables. The best way to 
find out yourself is to look at http://www.freshmeat.net and see for 
yourself, thereby get your own opinion.

// Regards
Mattias Hedenskog 



-- 
irc:tsixla@efnet,irscnet
mail:tsixla () antisec net 
http://tsixla.antisec.net

g33kcode: AFA0 72DE 73FC F871 7C5F  332D E625 26DB 5025 2057

