Snort mailing list archives
Logs Snort to attack map
From: Diego Brum <diego.brum () ifb edu br>
Date: Mon, 23 Jan 2017 13:02:30 -0200
I'm working on the project https://github.com/MatthewClarkMay/geoip-attack-map and developed scripts that normalize the snort log and send it to the attack map. I use swatch and shell scripts. I wonder if anyone cares or has a better idea.

--
*Diego Brum Lima Rocha*
Information Security Technologist at NTIC
Instituto Federal de Brasília - IFB
61 2103-2129

*Policies of Perpetual Paranoia*
*Adopt universal IT Security policy:*
*1- No network is trusted, inside or out*
*2- No user is fully trusted, anywhere*
*3- No app's native security is trusted*
*4- The bad guys are already inside*

*"The human element is a major challenge. Even when investing in security technologies and solutions, if the user does not behave securely, every effort to protect information will be in vain"*
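One way to do the normalization step the post describes, as an added example that is not Diego's scripts and not code from geoip-attack-map: it parses Snort `alert_fast` lines (IPv4 only) and emits one comma-separated record per alert. The output field order in `OUTPUT_FIELDS`, the function names and the sample alerts are assumptions constructed for illustration; the order has to be matched to what the map's data server actually parses.

```python
import ipaddress
import re

# alert_fast layout: ts [**] [gid:sid:rev] msg [**] [Classification: c] [Priority: n] {PROTO} src[:port] -> dst[:port]
FAST_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d(?:/\d\d)?-\d\d:\d\d:\d\d\.\d+)\s+"
    r"\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?"
    r"\[Priority:\s*(?P<prio>\d+)\]\s+\{(?P<proto>[^}]+)\}\s+"
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3})(?::(?P<sport>\d+))?\s+->\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3})(?::(?P<dport>\d+))?\s*$"
)

# ASSUMPTION: hypothetical field order, not taken from geoip-attack-map.
OUTPUT_FIELDS = ("src", "dst", "sport", "dport", "proto", "msg")

# Constructed sample input (documentation address ranges, local SIDs).
SAMPLE = [
    "01/23-13:02:30.123456  [**] [1:1000001:1] LOCAL SSH brute force, repeated logins [**] "
    "[Classification: Attempted Administrator Privilege Gain] [Priority: 1] "
    "{TCP} 203.0.113.7:51514 -> 192.0.2.10:22",
    "01/23-13:02:31.000001  [**] [1:1000002:3] LOCAL ICMP ping sweep [**] "
    "[Classification: Misc activity] [Priority: 3] {ICMP} 198.51.100.23 -> 192.0.2.10",
    "Jan 23 13:02:32 sensor snort[811]: not an alert line",
]

def _clean(text):
    """Drop the delimiter and control characters so a field cannot add columns or lines."""
    return " ".join(re.sub(r"[,\x00-\x1f\x7f]+", " ", text).split())

def normalize(line):
    """Return one comma-separated record for a fast-alert line, or None if it is not one."""
    m = FAST_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    try:
        for key in ("src", "dst"):
            rec[key] = str(ipaddress.IPv4Address(rec[key]))  # rejects e.g. 999.1.1.1
        for key in ("sport", "dport"):
            port = int(rec[key] or 0)  # ICMP alerts carry no ports
            if port > 65535:
                return None
            rec[key] = str(port)
    except ValueError:
        return None
    rec["proto"], rec["msg"] = _clean(rec["proto"]), _clean(rec["msg"])
    return ",".join(rec[f] for f in OUTPUT_FIELDS)

if __name__ == "__main__":
    for alert in SAMPLE:
        print(normalize(alert) or "skipped")
```

Lines that do not parse are dropped rather than forwarded, so a malformed or unrelated log line never reaches the map.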