Snort mailing list archives
New IDS tool, looking for beta testers
From: Jack Radigan <jprad () centrych org>
Date: Tue, 01 Apr 2014 09:33:55 -0400
I've just published the first beta release of a plugin (dissector) that gives you the ability to view Snort/Suricata alerts from within Wireshark.

A companion set of tools provides you with the ability to create multiple "configuration instances" so that you can quickly switch from one to another within Wireshark for comparing differences between them for the same pcap file.

An overview of the tools and demo of the plugin can be viewed at:
https://vimeo.com/88460795

Everything is currently limited to Linux, but I am working on a Windows version of Wireshark with the plugin, no timeframe on when it will be ready for testing though.

The packages for this were developed and tested with Centrych, but should work with other Ubuntu 12.04 compatible systems as well.

Additional details on the Centrych version of Wireshark are listed at:
http://www.centrych.org/wireshark

A walk-through on installing and setting up snort and suricata instances is available at:
http://www.centrych.org/idsutil

An Ubuntu 12.04 compatible PPA with all the required packages is available from:
https://launchpad.net/~centrych/+archive/security

Centrych can be downloaded from:
http://www.centrych.org/downloads

If you're using another distribution, you can obtain the python source as well as patch files for Wireshark and Barnyard from:
https://github.com/CentrychOS/python-idsutil

Enjoy,

-jack-

Jack Radigan