Snort mailing list archives
Re: Web UI
From: CunningPike <cunningpike () gmail com>
Date: Tue, 21 Jul 2009 15:30:54 -0700
If you go with sguil, you get the benefit of knowing what is happening on your network NOW instead of a week ago AND you can use squert to leverage the sguil database for web reporting. CP On Tue, 2009-07-14 at 15:57 -0400, Burks, Doug wrote:
Hi Scott, ACID should not be used anymore. BASE is definitely more current. A brand new web front-end called Snorby (http://www.snorby.org/) just appeared. It's still in Beta and may not be ready for production use. If you don't require a web front-end, I would recommend looking at Sguil (http://sguil.sourceforge.net/). It can be installed very quickly and easily using NSMnow (http://www.securixlive.com/nsmnow/index.php). If you'd like to try Sguil from a LiveCD environment, please take a look at my Security Onion LiveCD (http://securityonion.blogspot.com/). Thanks, Doug Burks ______________________________________________________________________ From: Scott Elgram [mailto:SElgram () VerifPoint com] Sent: Tuesday, July 14, 2009 2:38 PM To: 'Snort Users List' Subject: [Snort-users] Web UI Hello, I am looking to setup a new SNORT IDS. I set one up a while back with ACID as my UI, I liked it very much but now I’m looking to build a brand new one and it would seem that many things have changed sense I did this last. Most notably, it looks like the ACID project has been dropped. Is ACID still a good web based UI for SNORT or is there a better one these days? I’d also appreciate your opinion on BASE which looks pretty much like ACID but seems to be more current. -Scott ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Attachment:
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Web UI Scott Elgram (Jul 14)
- Re: Web UI Joel Esler (Jul 14)
- Re: Web UI Scott Elgram (Jul 14)
- Re: Web UI Joel Esler (Jul 14)
- Re: Web UI Joel Esler (Jul 14)
- Re: Web UI (UNCLASSIFIED) Craig (Jul 14)
- Re: Web UI Russell Fulton (Jul 14)
- Re: Web UI Joel Esler (Jul 14)
- Re: Web UI Scott Elgram (Jul 14)
- Re: Web UI Joel Esler (Jul 14)
- Re: Web UI JJ Cummings (Jul 14)
- Re: Web UI CunningPike (Jul 21)