Honeypots mailing list archives
Re: honeyd logs and graphics
From: "Peter Bates" <Peter.Bates () lshtm ac uk>
Date: Fri, 27 Feb 2004 11:22:11 +0000
John Lyons <john.lyons () heanet ie> 25/02/04 16:08:28 >>> We used honeyview until the recent upgrade to honeyd-0.8. Honeyview patch no longer works, has anyone built a solution for logfile analysis via HTTP which works in a similiar way that they would like to share with the community ?
Prelude is probably worthy of a plug here... (http://www.prelude-ids.org), a hybrid HIDS and NIDS, there are plug-ins available for honeyd which then allow the data to be analysed in 'Piwi', their web front-end. Looking at the site today, however, there isn't a honeyd plugin for 0.8 (similar to honeyview above)... with that addition, and more people contributing to Piwi (so it could look as tidy as ACID, for instance), and this solution could be really powerful. ... ---------------------------------------------------------------------------------------------------> Peter Bates, Systems Support Officer, Network Support Team. London School of Hygiene & Tropical Medicine. Telephone:0207-958 8353 / Fax: 0207- 636 9838
Current thread:
- honeyd logs and graphics Mauricio Smythe (Feb 05)
- Re: honeyd logs and graphics Reto Baumann (Feb 25)
- Re: honeyd logs and graphics John Lyons (Feb 25)
- <Possible follow-ups>
- Re: honeyd logs and graphics Peter Bates (Feb 27)
- Re: honeyd logs and graphics Michael Boman (Feb 28)
- Re: honeyd logs and graphics Reto Baumann (Feb 25)