PaulDotCom mailing list archives
Security "dashboard" applications
From: arch3angel at gmail.com (Robert Miller)
Date: Wed, 07 Oct 2009 10:17:09 -0400
I believe it was this past summer sometime, like I said I did not get too much time with it. A quit overview is that I work for an ISP and was trying to find a way to help the customers by spotting possible things that would cause there usage to go up such as botnet or spam. We offer our service via satellite so the usage is critical to these companies. It just over loaded the space and even dropped packets, but again this was more so the lack of time I had to tweak it and make it work right because of other priorities. I wanted this to prove to management that this is a viable option, they felt otherwise so the project got pushed back. :-( I will surely get back to it, just unsure when that might be... - Robert Andrew Ellis wrote:
Out of curiosity, when was it that you used OSSIM? It's had some significant changes in the last 6 months. On Tue, Oct 6, 2009 at 5:42 PM, Robert Miller <arch3angel at gmail.com> wrote:I have used OSSIM and I liked it for the most part. I did find that with the traffic we passed it became overwhelmed and the hard drives filed up in under a day (140GB) making it completely unresponsive. You may want to make sure to partition off things such as your logs so if you fill up the partition you can still access and operate the server. Let me know how it works out for you, I was pulled off the project for another of higher priority but should be back on it in a month or so. *** Personal Note - All answers to this are great as I know many have thought this same thing and it is asked often *** - Robert Andrew Ellis wrote:You might look into using OSSIM. It's great for aggregating events and viewing them. It's pretty modular so odds are good you'll be able to get what you're looking at plugged into it. It also has jasperserver running within it, which let's you write reports pretty easily from the data you've already got. https://www.alienvault.com/products.php?section=OpenSourceSIM On Tue, Oct 6, 2009 at 2:58 PM, Jason Wood <tadaka at gmail.com> wrote:Hey all, I've been asked to try to put together reporting for security related issues and items. I've created a starting place for what I would like to report on. I REALLY don't want to put all this into a spreadsheet and try to maintain that. I'd prefer some kind of dashboard which could pull information from ticketing systems, scripts, etc to make at least some of the updates. Does anyone know of an open source app like this or could be a decent base to start with? And, rather than set this idea in stone, I'm open to different ideas if someone has an alternative that they are using. Thanks, Jason -- irc: Tadaka Twitter: Jason_Wood jwnetworkconsulting.com _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Security "dashboard" applications Jason Wood (Oct 06)
- Security "dashboard" applications Andrew Ellis (Oct 06)
- Security "dashboard" applications Robert Miller (Oct 06)
- Security "dashboard" applications Jason Wood (Oct 06)
- Security "dashboard" applications Andrew Ellis (Oct 06)
- Security "dashboard" applications Robert Miller (Oct 07)
- Security "dashboard" applications Robert Miller (Oct 06)
- Security "dashboard" applications Andrew Ellis (Oct 06)
- Security "dashboard" applications mixipilix mixipilix (Oct 07)
- Security "dashboard" applications Ben Greenfield (Oct 07)