Snort mailing list archives
Re: Rapid7 and Snort....Good Things from this I think
From: Jason Brvenik <jasonb () sourcefire com>
Date: Mon, 11 Apr 2011 13:07:00 -0400
You talking about SourcefireNation? https://community.sourcefire.com/ is live and readily available. The integration stuff is in downloads - https://community.sourcefire.com/downloads On Mon, Apr 11, 2011 at 12:53 PM, Joel Esler <jesler () sourcefire com> wrote:
We integrate with a bunch of things. Rapid7, Qualys, Nessus, Nmap, etc. More and more coming all the time. We have a website dedicated to just these types of tools that integrate with the Sourcefire Defense Center, not sure when that'll be announced (or if it was, did I miss it?) Joel On Apr 11, 2011, at 12:42 PM, Jason Wallace wrote:Enhancing RNA rule recommendations and having host vulnerability data readily available are both great, but the biggest thing this adds is the effect on the impact flag for an alert. When your IPS console knows that host x.x.x.x is vulnerable to MSYY-xxxx or CVE-YYYY-xxxx and one of your sensors triggers an alert for a rule designed to detect that specific threat, then the console can correlate that data to increase the priority (impact) of that alert. This allows an analyst to identify alerts that should be examined immediately. It can also provides more assurance regrading implementing certain types of automated responses like firewall shuns or null routes on routers. Sourcefire systems also integrate with Qualys data and a number of SIEM solutions such as QRadar. QRadar also integrates with a number of vulnerability scanners too. When your IPS, vulnerability management tool, and SIEM all work together the result if friggen' awesome... Thx, Wally On Mon, Apr 11, 2011 at 12:17 PM, Albert R. Campa <abcampa () gmail com> wrote:i guess it would enhance RNA? There is only so much you can detect sniffing traffic passively. If you can import credentialed vuln information, your RNA recommended rules would be pretty tight. On Mon, Apr 11, 2011 at 11:07 AM, Michael Lubinski <michael.lubinski () gmail com> wrote:To trim off the fat, what will importing a NeXpose scan into the 3D system accomplish. I guess I'm just not familiar enough with the system in general to make the connection here. If anyone could clue me in a bit, even off-list, that would be awesome. Thanks! On Mon, Apr 11, 2011 at 10:49 AM, Gibson, Nathan J. (HSC) <Nathan-Gibson () ouhsc edu> wrote:http://www.rapid7.com/news-events/press-releases/2011/2011-sourcefire.jsp GIBBY _____________________________ Nathan J. Gibson, MsIA, CISSP, CISM,CCNA, MCSA IT Architect Infrastructure Services The University of Oklahoma HSC voice: 405.271.2644 x50340 fax: 405.271.2181 Feedback? Email comments to Chris Hodges -------------------------- CONFIDENTIALITY NOTICE: This e-mail communication and any attachments may contain confidential and privileged information for the use of the designated recipients named above. If you are not the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you have received this communication in error, please destroy all copies of this communication and any attachments. ------------------------------------------------------------------------------ Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users------------------------------------------------------------------------------ Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users------------------------------------------------------------------------------ Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users------------------------------------------------------------------------------ Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users------------------------------------------------------------------------------ Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Regards, Jason. ------------------------------------------------------------------------------ Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Rapid7 and Snort....Good Things from this I think Gibson, Nathan J. (HSC) (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Michael Lubinski (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Jefferson, Shawn (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Albert R. Campa (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Ray Caparros (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Martin Holste (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Chris Jacob (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Jason Wallace (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Joel Esler (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Jason Brvenik (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Joel Esler (Apr 11)
- Re: Rapid7 and Snort....Good Things from this I think Alan Ptak (Apr 11)
- Problem with snort,oinkmaster, and feed Carney, Megan (Apr 12)
- Re: Rapid7 and Snort....Good Things from this I think Michael Lubinski (Apr 11)