This has real potential

[Alex Tatistcheff <alex.tatistcheff () gmail com>]

There's a new Perl script on the block and it has HUGE potential to help
Snort admins tune their installations.  You're probably aware of the host
attribute table feature where you create an .XML file describing the hosts
on your network, then feed that into Snort.  The key phrase here is "you
create".  In the past this was a very labor intensive process and could
prove daunting if you have a large or fairly dynamic network.  Just recently
Parker Crook (one sharp individual) has written a script to create this host
attribute .XML file from output obtained from the nmap scanner.  The script
is new and could use some testing from the community.  However, the concept
is sound and the value of automatically creating this file is significant.
It's mentioned in a blog at

http://global-security.blogspot.com/2010/02/hogging-snort-host-attribute-table.html

The project, which is called Hogger (what a cool name) is available on
Google Code at http://code.google.com/p/hogger

Alex Tatistcheff
alext () pobox com

------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users