Snort mailing list archives

Logs Snort to attack map


From: Diego Brum <diego.brum () ifb edu br>
Date: Mon, 23 Jan 2017 13:02:30 -0200

I'm working on the project
https://github.com/MatthewClarkMay/geoip-attack-map and developed scripts
that normalize the Snort log and send it to the attack map. I use swatch
and shell scripts. I wonder if anyone cares or has a better idea.






-- 
*Diego Brum Lima Rocha*
Information Security Technologist at NTIC
Instituto Federal de Brasília - IFB
61 2103-2129


*Policies of Perpetual Paranoia*

*Adopt universal IT Security policy:*

*1- No network is trusted, inside or out*
*2- No user is fully trusted, anywhere*
*3- No app's native security is trusted*
*4- The bad guys are already inside*


*“The human element is a major challenge. Even with investment in security
technologies and solutions, if the user does not behave securely, every
effort to protect the information will be in vain”*



