Snort mailing list archives
Snort IDMEF Plugin 2.0.0alpha released
From: Sandro Poppi <spoppi () gmx net>
Date: Sun, 15 May 2005 17:39:06 +0200
Hi Snorters,

I'm happy to announce a new release of the GPL'ed Snort IDMEF plugin 2.0.0alpha for Snort as a patch against v2.3.3.

IDMEF is the Intrusion Detection Exchange Message Format which is XML based and developed by the IETF working group IDWG. Its current status is "Draft".

Snort IDMEF enables Snort to generate IDMEF based messages and store them either in a flat file or distribute them via TCP sockets.

This new version is a complete rewrite of the output plugin. The major changes are:

- complete rewrite
- conforms to current IDMEF Draft 14
- requires the new libidmef 1.0.2+
- added general message generation for not yet supported generators
- added sfportscan message generation
- added a patch for sfportscan preprocessor to show port/ip lists instead of ranges as the original one
- added validate_log.c to validate idmef messages even if more than one XML document is in a single file like the message file created by snort-idmef
  it has to be compiled separately, see the file for instructions
- documentation updates

More details can be found in the plugin's ChangeLog.

Requirements:

- Snort 2.3.3+ source http://www.snort.org
- libidmef 1.0.2+ http://sourceforge.net/projects/libidmef
- libxml2 http://xmlsoft.org/
- snort-idmef-plugin ;) http://sourceforge.net/projects/snort-idmef

On the project's homepage you'll find some mailing lists for issues related to the snort-idmef-plugin.

Feedback is always welcomed!

Happy snort'ing,
Sandro