Snort mailing list archives
Re: Snort tool for alert analysis
From: Dragos Ruiu <dr () kyx net>
Date: Wed, 5 Mar 2003 11:45:10 +0000
cerebus might help you.
http://dragos.com/cerebus

cheers,
--dr

On Mon, 3 Mar 2003 11:03:38 -0800 (PST) Clayton Mascarenhas <masclaythesnort () yahoo com> wrote:
> A lot of attacks get generated in the alert file when I run Snort. It is manually very difficult to go thru each rule to try and figure out which snort rule caused which attack, and also it is very difficult to manually count the frequency of each attack generated in the file.
> Is there any tool that helps me count the frequency of each attack in an alert file(s), helps me sort the attacks in the file, helps me batch all common attacks in a file/files?
> Please could someone help me by letting me know of any window-based tool that would help me in this aspect... a unix based tool is ok too.
> Thank you all.
--
--dr pgpkey: http://dragos.com/ kyxpgp http://cansecwest.com
0 = 1 , for large values of zero and small values of one.
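The counting and grouping asked for in the quoted message, as an added example that is not part of the original thread and is not the cerebus tool. It assumes the alert file is in Snort's fast or full text format, where each alert carries a `[**] [gid:sid:rev] message [**]` header; the sample lines, SIDs and addresses are constructed.

```python
import re
import sys
from collections import Counter, defaultdict

# Header shared by Snort's "fast" and "full" text alert formats:
#   [**] [gid:sid:rev] message [**]
HEADER = re.compile(r"\[\*\*\]\s*(?:\[(\d+):(\d+):(\d+)\]\s*)?(.+?)\s*\[\*\*\]")
# "src[:port] -> dst[:port]"; same line in fast format, a later line in full format.
FLOW = re.compile(r"(\d+\.\d+\.\d+\.\d+)(?::\d+)?\s*->\s*(\d+\.\d+\.\d+\.\d+)")

# Constructed sample: three fast-format alerts and one full-format alert.
SAMPLE = """\
03/03-11:03:38.100000  [**] [1:1000001:1] EXAMPLE web probe [**] [Priority: 2] {TCP} 192.0.2.10:4312 -> 198.51.100.5:80
03/03-11:03:39.200000  [**] [1:1000002:1] EXAMPLE icmp sweep [**] [Priority: 3] {ICMP} 192.0.2.11 -> 198.51.100.5
[**] [1:1000001:1] EXAMPLE web probe [**]
[Priority: 2]
03/03-11:04:01.300000 192.0.2.12:4400 -> 198.51.100.5:80
TCP TTL:64 TOS:0x0 ID:1 IpLen:20 DgmLen:60

03/03-11:04:05.400000  [**] [1:1000001:1] EXAMPLE web probe [**] [Priority: 2] {TCP} 192.0.2.10:4313 -> 198.51.100.5:80
""".splitlines()

def summarize(lines):
    """Return (alert counts, source IPs per alert), keyed by (gid:sid, message)."""
    counts, sources, current = Counter(), defaultdict(set), None
    for line in lines:
        header = HEADER.search(line)
        if header:
            gid, sid, _rev, msg = header.groups()
            current = (f"{gid}:{sid}" if sid else "-", msg)
            counts[current] += 1
        flow = FLOW.search(line)
        if flow and current is not None:
            sources[current].add(flow.group(1))
            current = None  # attribute at most one flow line to each alert
    return counts, sources

def report(lines):
    """Rows of (count, gid:sid, message, distinct sources), most frequent first."""
    counts, sources = summarize(lines)
    ordered = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
    return [(n, key[0], key[1], len(sources[key])) for key, n in ordered]

if __name__ == "__main__":
    # Pass one alert file as the argument, or run without one to use the sample.
    lines = open(sys.argv[1], errors="replace") if len(sys.argv) > 1 else SAMPLE
    for n, sid, msg, nsrc in report(lines):
        print(f"{n:6d}  {sid:<12} {msg}  ({nsrc} source(s))")
```

Grouping on `gid:sid` rather than on the message text alone ties each count back to the rule that fired.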