Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Snort Frontend Compare

From: James Lay <jlay () slave-tothe-box net>
Date: Sat, 17 Sep 2011 05:46:12 -0600

On 9/16/11 12:19 PM, "Dustin Webber" <dustin.webber () gmail com> wrote:


Hey James,

Great work on putting this together. I have a few features to add to
snorbys list.

- Hotkeys - (you can use the whole snorby UI without touching the mouse
once - mostly because I hate using a mouse)
- Custom Lookups - You can add your own URI apis form doing custom
src/dst addr lookups.. example:
http://www.mcafee.com/threat-intelligence/ip/default.aspx?ip=${ip}
- Comment system.. (not really important but some users find its
incredibly useful)

Also to sure what you mean by `Graph # of alerts by time` - thats what
the main dashboard graph does.

Feature comparison matrix additions/thoughts:

- Does Base or squert support other databases? snorby supports everything
currently support by the so_database output plugin.

Also, not 100% sure Squert makes sense in this comparison.. its purpose
is in a totally different direction.

Anyways, great work and thanks for putting this together.

- Dustin Willis Webber



Hi Dustin,

I'll add these in...and you're totally on point with the Graph # of alerts
by time...totally missed it 8-|.  Thanks again.

James



------------------------------------------------------------------------------
BlackBerry&reg; DevCon Americas, Oct. 18-20, San Francisco, CA
http://p.sf.net/sfu/rim-devcon-copy2
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: