Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Hogger - bringing nmap & Snort together

From: "Crook, Parker" <Parker_Crook () reyrey com>
Date: Thu, 11 Mar 2010 10:05:06 -0500
To all you nmappers out there that may or may not be using Snort, I wanted to let you know that there is a new tool 
that I whipped up to parse nmap scan files for digestion by Snort:



Hogger is a tool written in perl that generates a host-attribute table for Snort.  It parses the output of an nmap 
scan, and creates a properly formatted XML file readable by Snort for easy preprocessor tuning.  Hogger can run on most 
platforms that can run perl scripts.  For more information on Hogger, check out JJ Cumming's blog post 
http://global-security.blogspot.com/2010/02/hogging-snort-host-attribute-table.html



If you choose to check it out, currently the parsing logic can't handle hosts with DNS resolution, so make sure to use 
the -n switch with nmap.



Check out Hogger at http://code.google.com/p/hogger/



Thanks,

Parker Crook

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: