Honeypots mailing list archives
Re: honeywall roo compilation of daily snort alerts
From: "Mark Ryan del Moral Talabis" <talabis () gmail com>
Date: Wed, 19 Apr 2006 22:48:15 +0800
If you like charts, you could try our Honeynet Activity Monitor and HoneyTrends, both are Snort frontends. It's still very complicated to use though but outputs quite pretty.. hehe. =)

Sample output:

Honeynet Activity Monitor (HAM)
http://www.philippinehoneynet.org/data.php

HoneyTrends
http://www.philippinehoneynet.org/datahistory.php

Cheers!

Ryan Talabis
Lead Analyst
Philippine Honeynet Project
http://www.philippinehoneynet.org

2006/4/18, mat <mr () simla colostate edu>:
> Is there any way to do a day to day listing of all the snort alerts, sorted by how serious they are? For example, I get like hundreds of udp port 0 and the ms-sql attacks, but how can I sift through to see some interesting attacks? Thanks in advance. mat
-- The Philippine Honeynet Project http://www.philippinehoneynet.org
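
The per-day, severity-sorted listing asked about in this thread, as an added example that is not part of the original messages and is not code from HAM, HoneyTrends or the Honeywall. It assumes Snort's "fast" alert format, where priority 1 is the most serious; the function name, sample lines, SIDs and addresses are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in Snort "fast" alert format (local-range SIDs,
# documentation-range addresses); not data from the thread.
SAMPLE = """\
04/17-03:12:44.101010  [**] [1:1000001:1] udp port 0 traffic [**] [Classification: Misc activity] [Priority: 3] {UDP} 198.51.100.7:0 -> 192.0.2.10:0
04/17-03:12:45.202020  [**] [1:1000001:1] udp port 0 traffic [**] [Classification: Misc activity] [Priority: 3] {UDP} 198.51.100.8:0 -> 192.0.2.10:0
04/17-04:01:09.303030  [**] [1:1000002:1] MS-SQL worm propagation attempt [**] [Classification: Misc Attack] [Priority: 2] {UDP} 203.0.113.5:1050 -> 192.0.2.10:1434
04/17-09:30:00.404040  [**] [1:1000003:1] shellcode x86 NOOP [**] [Classification: Executable code was detected] [Priority: 1] {TCP} 203.0.113.9:4021 -> 192.0.2.10:445
04/18-00:00:01.505050  [**] [1:1000001:1] udp port 0 traffic [**] [Classification: Misc activity] [Priority: 3] {UDP} 198.51.100.7:0 -> 192.0.2.10:0
"""

# Timestamp is MM/DD-HH:MM:SS.usec (MM/DD/YY- when Snort runs with -y).
# The Classification field is optional, so the pattern tolerates its absence.
ALERT_RE = re.compile(
    r"^(?P<day>\d\d/\d\d(?:/\d\d)?)-\S+\s+\[\*\*\]\s+"
    r"\[(?P<sid>\d+:\d+:\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification: [^\]]*\]\s+)?\[Priority: (?P<prio>\d+)\]"
)


def daily_summary(lines):
    """Return {day: [(priority, sid, msg, count), ...]}, most serious first."""
    counts = defaultdict(Counter)
    for line in lines:
        m = ALERT_RE.match(line)
        if not m:
            continue  # blank line or a format this parser does not cover
        counts[m["day"]][(int(m["prio"]), m["sid"], m["msg"])] += 1
    summary = {}
    for day in sorted(counts):
        rows = [(p, sid, msg, n) for (p, sid, msg), n in counts[day].items()]
        # Lowest priority number first; within a priority, rare signatures
        # first so high-volume noise sinks to the bottom of each day.
        summary[day] = sorted(rows, key=lambda r: (r[0], r[3]))
    return summary


if __name__ == "__main__":
    for day, rows in daily_summary(SAMPLE.splitlines()).items():
        print(day)
        for prio, sid, msg, n in rows:
            print(f"  P{prio}  {n:>5}x  [{sid}] {msg}")
```

To run it over a real alert file, pass the open file object to `daily_summary` in place of the sample lines.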