Snort mailing list archives
RE: Snort-Gui Editing Rules
From: "Raffael Maio" <Vador () urbanet ch>
Date: Mon, 18 Oct 2004 19:58:53 +0200
I tried to install the snortcenter2 but there is no doc about it on the sourcforge site. Does a documentation exist ??? -----Message d'origine----- De : snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] De la part de Alex Butcher, ISC/ISYS Envoyé : vendredi, 15. octobre 2004 09:42 À : Jose Maria Lopez; snort-users () lists sourceforge net Objet : Re: [Snort-users] Snort-Gui Editing Rules --On 14 October 2004 23:40 +0200 Jose Maria Lopez <jkerouac () bgsec com> wrote:
El mié, 29 de 09 de 2004 a las 20:07, Raffael Maio escribió:I?m searching for the best GUI interface to edit rules with snort. I have make research, and I find some good product I think like Snortcenter and Oinkmaster.I don't know the actual state of snortcenter, but it was a little buggy when I tried.
The CVS tree for Snortcenter2 on sourceforge should be mostly OK with Snort <=2.2.0 rulesets. But neither Jason nor myself have had much time to work on it for a while. Also, I've switched to oinkmaster and some shellscripts to manage snort rules, now that I don't need to cater for our less technical administrators.
Oinkmaster it's the best way to add rules to your snort box, but it doesn't have a GUI.
It does, actually - written in Perl/Tk. I can't say I've used it though.
You can also check the Webmin module for snort, but I think it's a little outdated.
Other alternatives are: - <http://rman.sourceforge.net/>, which is OK, but doesn't really buy you much above using a text editor, IMHO. - <http://www.activeworx.org/>, which looks nice, but doesn't have an 'expert mode' allowing you to modify rules. It's also Windows-only (though it could manage UNIX sensors).
Are there another product ???Maybe some commercial product like Demarc or Sourcefire software can do that, but I have never checked, so I can't tell you.
Sourcefire certainly can. I think Demarc's products can, too. Best Regards, Alex. -- Alex Butcher: Security & Integrity, Personal Computer Systems Group Information Systems and Computing GPG Key ID: F9B27DC9 GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9 ------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=ort-users ------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort-Gui Editing Rules Raffael Maio (Oct 14)
- Re: Snort-Gui Editing Rules Jose Maria Lopez (Oct 14)
- Re: Snort-Gui Editing Rules Alex Butcher, ISC/ISYS (Oct 15)
- RE: Snort-Gui Editing Rules Jeff Dell (Oct 15)
- RE: Snort-Gui Editing Rules Raffael Maio (Oct 18)
- Re: Snort-Gui Editing Rules Guillaume Rix (Oct 15)
- Re: Snort-Gui Editing Rules Alex Butcher, ISC/ISYS (Oct 15)
- RE: Snort-Gui Editing Rules Jeff Dell (Oct 14)
- Re: Snort-Gui Editing Rules Jose Maria Lopez (Oct 14)