Honeypots mailing list archives

Re: honeywall roo compilation of daily snort alerts


From: "Mark Ryan del Moral Talabis" <talabis () gmail com>
Date: Wed, 19 Apr 2006 22:48:15 +0800

If you like charts, you could try our Honeynet Activity Monitor and
HoneyTrends; both are Snort frontends. It's still very complicated to
use though, but the output is quite pretty... hehe. =)

Sample output:

Honeynet Activity Monitor (HAM)
http://www.philippinehoneynet.org/data.php

HoneyTrends
http://www.philippinehoneynet.org/datahistory.php

Cheers!

Ryan Talabis
Lead Analyst
Philippine Honeynet Project
http://www.philippinehoneynet.org


2006/4/18, mat <mr () simla colostate edu>:
Is there any way to do a day-to-day listing of all the Snort alerts,
sorted by how serious they are? For example, I get like hundreds of UDP
port 0 and the MS-SQL attacks, but how can I sift through to see some
interesting attacks? Thanks in advance.

mat



--
The Philippine Honeynet Project
http://www.philippinehoneynet.org
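
One way to produce the per-day, severity-sorted listing asked about in this thread, as an added example that is not part of the original messages or of the Philippine Honeynet Project's tools. It assumes the alerts are available in Snort's fast-alert text format; the sample lines, addresses and signature IDs below are constructed.

```python
import re
from collections import Counter, defaultdict

# Snort fast-alert line (assumed input format):
# MM/DD-time [**] [gid:sid:rev] msg [**] [Classification: ...] [Priority: N] {PROTO} src -> dst
ALERT_RE = re.compile(
    r"^(?P<day>\d{2}/\d{2})-\S+\s+\[\*\*\]\s+\[(?P<sid>\d+:\d+:\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\]\s+(?:\[Classification:[^\]]*\]\s+)?"
    r"\[Priority:\s*(?P<prio>\d+)\]"
)

# Constructed sample alerts (documentation addresses), not real honeynet data.
SAMPLE = """\
04/17-23:41:07.100200  [**] [1:525:6] BAD-TRAFFIC udp port 0 traffic [**] [Classification: Misc activity] [Priority: 3] {UDP} 203.0.113.5:0 -> 192.0.2.10:0
04/17-23:58:41.220100  [**] [1:2003:8] MS-SQL Worm propagation attempt [**] [Classification: Misc Attack] [Priority: 2] {UDP} 198.51.100.7:1045 -> 192.0.2.10:1434
04/18-00:03:12.512001  [**] [1:2003:8] MS-SQL Worm propagation attempt [**] [Classification: Misc Attack] [Priority: 2] {UDP} 198.51.100.9:2201 -> 192.0.2.10:1434
04/18-02:15:30.000410  [**] [1:525:6] BAD-TRAFFIC udp port 0 traffic [**] [Classification: Misc activity] [Priority: 3] {UDP} 203.0.113.5:0 -> 192.0.2.10:0
04/18-04:44:02.731900  [**] [1:648:7] SHELLCODE x86 NOOP [**] [Classification: Executable code was detected] [Priority: 1] {TCP} 198.51.100.23:4312 -> 192.0.2.10:445
04/18-09:20:55.009000  [**] [1:2003:8] MS-SQL Worm propagation attempt [**] [Classification: Misc Attack] [Priority: 2] {UDP} 198.51.100.7:1046 -> 192.0.2.10:1434
04/18-11:02:18.640300  [**] [1:525:6] BAD-TRAFFIC udp port 0 traffic [**] [Classification: Misc activity] [Priority: 3] {UDP} 203.0.113.8:0 -> 192.0.2.10:0
04/18-17:37:49.118800  [**] [1:2003:8] MS-SQL Worm propagation attempt [**] [Classification: Misc Attack] [Priority: 2] {UDP} 198.51.100.31:3077 -> 192.0.2.10:1434
"""

def daily_summary(lines):
    """Return {day: [(priority, count, sid, msg), ...]}, most severe first.

    Repeated alerts collapse into one row with a count, so hundreds of
    identical worm hits no longer bury a single high-priority event.
    """
    per_day = defaultdict(Counter)
    for line in lines:
        m = ALERT_RE.match(line)
        if not m:
            continue  # skip blank lines and anything that is not an alert
        per_day[m["day"]][(int(m["prio"]), m["sid"], m["msg"])] += 1
    report = {}
    for day, counts in per_day.items():
        rows = [(prio, n, sid, msg) for (prio, sid, msg), n in counts.items()]
        # Priority 1 is Snort's most severe; within a priority, rare alerts come first.
        report[day] = sorted(rows)
    return report

if __name__ == "__main__":
    for day, rows in sorted(daily_summary(SAMPLE.splitlines()).items()):
        print(day)
        for prio, count, sid, msg in rows:
            print(f"  P{prio}  x{count:<4} [{sid}] {msg}")
```

The fast-alert timestamp carries no year, so the day key is month/day only; run it per log file or per rotation period.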

