Snort mailing list archives
Re: Snorby opinions
From: Dustin Webber <dustin.webber () gmail com>
Date: Mon, 6 Jun 2011 13:38:06 -0400
All, I would like to clarify that I was talking about the languages -- not applications written in them. If you're a good programmer you could build amazing applications with anything. Just consider all languages before you start a new project. If that language works best for the job... then use it. (except php.. never use that.) Honestly.. we should all be writing in TCL anyways... Dustin W. Webber Dustin.Webber () gmail com On Mon, Jun 6, 2011 at 12:30 PM, Dustin Webber <dustin.webber () gmail com>wrote:
Snorby is not about being `flashy` - It's about proper interface design and workflow. The ability to produce metrics and quickly navigate (hotkeys), classify and investigate are a few of snorbys strengths. Snorby will be moving to a custom collection/processing system soon using my unified2 lib (https://github.com/mephux/unified2) and the snorby-collect cl tool (https://github.com/Snorby/snorby-collect). This will open a few doors for snorby users likes event preprocessing/categorization before insert/storage using a simple and clean DSL (Like a unified2 ORM - supporting all modern datastores: key/value, mongodb etc..). You will have the ability to design the datastore to fit your needs and snorby will just sit on top with a translation layer. The security community seems to have a personal vendetta with design and new technology. I'm not sure I will ever fully understand why but in my eyes if we don't start moving forward and accepting UX theory and incorporating new technologies (yes, lets stop using perl and php please) we will never evolve. </rant> Sometimes pretty does not mean gimmick, we just cared about it. Dustin W. Webber Dustin.Webber () gmail com On Mon, Jun 6, 2011 at 12:06 PM, Jefferson, Shawn < Shawn.Jefferson () bcferries com> wrote:I'm one of those BASE people still... It's difficult to move off of it now, since I've modified it to link with my patch management and AV/HIPS products (as well as StreamDB and OpenFPC). What does Snorby give you that BASE doesn't (besides a much flashier GUI?) -----Original Message----- From: Martin Holste [mailto:mcholste () gmail com] Sent: Sunday, June 05, 2011 9:58 AM To: Lay, James Cc: snort-users () lists sourceforge net Subject: Re: [Snort-users] Snorby opinions Snorby is great--anyone still messing around with BASE is missing out! Also, if you want a ridiculously fast packet capture tool to integrate with Snorby, you can use StreamDB (streamdb.googlecode.com) as a drop-in replacement for OpenFPC (Snorby hooks into OpenFPC under "Packet Capture Options"). Your packets (streams in this case) will load instantaneously (versus a minute or more with OpenFPC on large pcaps). On Fri, Jun 3, 2011 at 10:02 AM, Lay, James <james.lay () wincofoods com> wrote:Hey all! Topic says it..anyone run Snorby here? Would love to get someopinions.I'mneeding something more.."pretty" (though personally I think tailing.fastlogs in a console is pretty). Thanks for any input. James------------------------------------------------------------------------------Simplify data backup and recovery for your virtual environment withvRanger.Installation's a snap, and flexible recovery options mean your data issafe,secure and there when you need it. Discover what all the cheering'sabout.Get your free trial download today. http://p.sf.net/sfu/quest-dev2dev2 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users------------------------------------------------------------------------------ Simplify data backup and recovery for your virtual environment with vRanger. Installation's a snap, and flexible recovery options mean your data is safe, secure and there when you need it. Discover what all the cheering's about. Get your free trial download today. http://p.sf.net/sfu/quest-dev2dev2 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------------------------------ Simplify data backup and recovery for your virtual environment with vRanger. Installation's a snap, and flexible recovery options mean your data is safe, secure and there when you need it. Discover what all the cheering's about. Get your free trial download today. http://p.sf.net/sfu/quest-dev2dev2 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------------ Simplify data backup and recovery for your virtual environment with vRanger. Installation's a snap, and flexible recovery options mean your data is safe, secure and there when you need it. Discover what all the cheering's about. Get your free trial download today. http://p.sf.net/sfu/quest-dev2dev2
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snorby opinions Lay, James (Jun 03)
- Re: Snorby opinions turki (Jun 04)
- Re: Snorby opinions Martin Holste (Jun 05)
- Re: Snorby opinions Lay, James (Jun 06)
- Re: Snorby opinions Jefferson, Shawn (Jun 06)
- Re: Snorby opinions Dustin Webber (Jun 06)
- Re: Snorby opinions Dustin Webber (Jun 06)
- Re: Snorby opinions Randal T. Rioux (Jun 06)
- Re: Snorby opinions Dustin Webber (Jun 06)
- Re: Snorby opinions Randal T. Rioux (Jun 06)
- Re: Snorby opinions Joel Esler (Jun 06)
- Re: Snorby opinions Paul Halliday (Jun 06)
- Re: Snorby opinions Martin Holste (Jun 06)