IDS mailing list archives

IDScenter 1.1 rc1 released


From: Kistler Ueli <iuk () gmx ch>
Date: 4 Feb 2003 23:44:17 -0000



Hello,

IDScenter 1.1 RC1 is finally out! Check www.packx.net
for more information.

What's new (short overview)? The rule editor, the
ruleset management, the autoblock system and
plugins (extract IP, TCP, UDP and ICMP which can be
blocked with the sample plugin BlackICEv2.dll), bug fixes,
support for -w option, corrected Stream4 option... and
much more... see the changelog once you have downloaded the
file ;)

NOTE: I've released a 99% preconfigured IDS environment
based on Snort and IDScenter. It uses Apache, MySQL,
PHP, ACID (with jpgraph and adodb library preinstalled
for PHP) and a little configuration tool (EagleXconfig).
I will send out a separate announcement.

What is IDScenter?
==================
IDScenter is a configuration and management tool
for Snort IDS on Windows platforms.

Download: www.packx.net

Features
========
   
    * Snort 1.9 / 1.8 / 1.7 support
          o Easy access to all settings
          o Interface listing using WinPCAP
    * Snort service mode support
          o IDScenter takes over control of the Snort service
    * Snort configuration wizard
          o Variables
          o Preprocessor plugins
          o Output plugins
          o Rulesets
    * Ruleset editor: supports all Snort 1.9.1 rule options
          o Easily modify your rules
          o Import rules from files or websites into existing rulesets
    * AutoBlock plugins: write your own plugins (DLL) for your firewall
          o ISS NetworkICE BlackICE Defender plugin included (possibility to block IPs, TCP and UDP ports, set block duration)
          o Delphi framework included for fast writing of new plugins for other firewalls
          o Prevents problems in plugins from propagating to IDScenter
    * Alert notification via e-mail, alarm sound or only visual notification
          o Possibility to send the last # lines of your Snort log
          o Notification of attack is also possible with Snort logging to MySQL
          o Add attachments (e.g. the current process list generated by another program)
    * Test configuration feature: fast testing of your IDS configuration (Snort rule syntax checking etc.)
    * Monitoring:
          o Alert file monitoring (up to 10 files)
          o MySQL alert detection: allows centralized monitoring of all Snort sensors (e.g. if you have a notebook with WLAN adapter you can be alerted wherever you are)
    * Log rotation (compressed archiving of log files)
          o Set log rotation period (day, week, month, interval)
          o Organisation of backup logs
    * Integrated log viewer
          o Log file viewer
          o XML log file viewer
          o HTML/website viewer (support for ACID, SnortSnarf, etc.)
    * Program execution possible if an attack was detected
    * ... and more!

Regards,
    Eclipse
    eclipse () packx net

