Snort mailing list archives
Re: Trending
From: Paul Halliday <paul.halliday () gmail com>
Date: Wed, 13 Jul 2011 21:36:30 -0300
On Wed, Jul 13, 2011 at 5:20 PM, Lay, James <james.lay () wincofoods com> wrote:
Hey all! So…I’ve got Snorby installed…it was a hoot, but it’s done now. My goal for the GUI is to easily see trends over time….try and catch the bad guys that scan 5 ports a day and junk like that. Is Snorby the best for this or is there something else better out there? Thanks for any advice.
Like a canned view? Would you want to be able to create the conditions for the view yourself? What criteria would you want to be able to chose from? How do you see the operation of something like that? What interval is good? an hourly summary? Daily? Monthly? What other 'junk'? Just looking for ideas. -- Paul Halliday http://www.squertproject.org/ ------------------------------------------------------------------------------ AppSumo Presents a FREE Video for the SourceForge Community by Eric Ries, the creator of the Lean Startup Methodology on "Lean Startup Secrets Revealed." This video shows you how to validate your ideas, optimize your ideas and identify your business strategy. http://p.sf.net/sfu/appsumosfdev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please see http://www.snort.org/docs for documentation
Current thread:
- Trending Lay, James (Jul 13)
- Re: Trending JJC (Jul 13)
- Re: Trending Paul Halliday (Jul 13)
- Re: Trending James Lay (Jul 13)