IDS mailing list archives
RE: Snort
From: "Leon De France" <Leon.DeFrance () Siebel com>
Date: Thu, 30 Sep 2004 15:53:07 -0600
You can try what was silicon defense's snortsnarf. It will not get rid of false positives, but it does a good job with reports imo http://www.snort.org/dl/contrib/data_analysis/snortsnarf/ There is also ACID. Leon -----Original Message----- From: Jeremy Gonzales [mailto:jerdgonzales () yahoo com] Sent: Monday, September 27, 2004 3:09 PM To: focus-ids () securityfocus com Subject: Snort Hi, Does anyone have experience with snort reports? How do you deal with the loads of information? Is there a way to generate reports that eliminate the false positives? Any help will be appreciated. Thanks, Jeremy. __________________________________ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail ------------------------------------------------------------------------ -- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ -- ------------------------------------------------------------------------------ This e-mail message is for the sole use of the intended recipient(s) and contains confidential and/or privileged information belonging to Siebel Systems, Inc. or its customers or partners. Any unauthorized review, use, copying, disclosure or distribution of this message is strictly prohibited. If you are not an intended recipient of this message, please contact the sender by reply e-mail and destroy all soft and hard copies of the message and any attachments. Thank you for your cooperation. ==================================================== -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- Re: Snort vvaduva (Sep 30)