Snort mailing list archives

Previous By Date Next
Previous By Thread Next

New IDS tool, looking for beta testers

From: Jack Radigan <jprad () centrych org>
Date: Tue, 01 Apr 2014 09:33:55 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I've just published the first beta release of a plugin (dissector) that
gives you the ability to view Snort/Suricata alerts from within
Wireshark. A companion set of tools provide you with the ability to
create multiple "configuration instances" so that you can quickly switch
from one to another within Wireshark for comparing differences between
them for the same pcap file.

An overview of the tools and demo of the plugin can be viewed at:
https://vimeo.com/88460795

Everything is currently limited to Linux, but I am working on a
Windows version of Wireshark with the plugin, no timeframe on when it
will be ready for testing though.

The packages for this were developed and tested with Centrych, but
should work with other Ubuntu 12.04 compatible systems as well.

Additional details on the Centrych version of Wireshark are listed at:
http://www.centrych.org/wireshark

A walk-through on installing and setting up snort and suricata
instances is available at: http://www.centrych.org/idsutil

An Ubuntu 12.04 compatible PPA with all the required packages are
available from: https://launchpad.net/~centrych/+archive/security

Centrych can be downloaded from: http://www.centrych.org/downloads

If you're using another distribution, you can obtain the python source
as well as patch files for Wireshark and Barnyard from:
https://github.com/CentrychOS/python-idsutil

Enjoy,

- -jack-
Jack Radigan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEcBAEBAgAGBQJTOsBDAAoJEG9x8hW2IFbR3+MH/0BJFAmT7tvG8+nIVctPvSFn
SvgGKhHrqMTuzIQi4VjemcFkg8ZB+acZHfIiZOthxY7pCn2Yd02MkFVMNqQlbHJz
RWdUs9IoZfl8Z0NhX6ng74l7KUrJAIH5TI6w8Vqz+Yo7lpEcbjwaxjJ0Pwk0+jOL
DAA4vbwH/Uu5JvtY5kjBtgpbgc/+YS+mU+xkJipQbtx7deGEUM8yXWYzmfA//4nC
ObZBBtB2Su+2RU4ke+512B1H8MbaVEKYKIJwyX/YOU8xfWu2e7pAC+wJzHgDwknY
vWttts7l7bC1D3B5gaVawR1wYObrrvwZc1Zr8VmPxHV2toabPui9m61vXUO61Uk=
=PtAl
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: