Snort mailing list archives
RE: Semi-automatic notification email generator for Snort?
From: "Ian Webb" <iwebb () carolina rr com>
Date: Sun, 28 Jul 2002 18:50:49 -0400
Thanks. I'm on a Windows machine, though - will submitting my ICF logs be enough, or should I try to get the Perl agent for reporting my Snort logs working as well? If so, anyone done that and know what needs to be changed? I've been manually emailing the worst offenders (hundreds of scans / week) at their whois contacts, and I've gotten autoresponders from most of them. Abuse.net is a much better solution, though - I'm going to switch to using it. -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Michael Scheidell Sent: Sunday, July 28, 2002 1:19 PM To: "Ian Webb" Cc: snort-users () lists sourceforge net Subject: Re: [Snort-users] Semi-automatic notification email generator for Snort? www.mynetwatchman.com has a perl agent that reads snort,ipfw,ipchains,ipfilter,iptunnels, pix,cisco logs, etc obscrusifakates last two octets of you ip address, filters out false alarms (by looking at 1000 other sensors) etc. (oh, the whois contact is usually bogus.. dropped years ago do to being spammed to hell and back, www.abuse.net has better chance, but what do you do about china, korea, tiawan, south america, etc) -- Michael Scheidell SECNAP Network Security, LLC Sales: 866-SECNAPNET / (1-866-732-6276) Main: 561-368-9561 / www.secnap.net Ar you a security professinal? see http://www.secnap.net/employment/
Current thread:
- Semi-automatic notification email generator for Snort? Ian Webb (Jul 28)
- Re: Semi-automatic notification email generator for Snort? Michael Scheidell (Jul 28)
- RE: Semi-automatic notification email generator for Snort? Ian Webb (Jul 28)
- Re: Semi-automatic notification email generator for Snort? Michael Scheidell (Jul 28)
- RE: Semi-automatic notification email generator for Snort? Ian Webb (Jul 28)
- Re: Semi-automatic notification email generator for Snort? Joe McAlerney (Jul 29)
- Re: Semi-automatic notification email generator for Snort? Michael Scheidell (Jul 28)