PaulDotCom mailing list archives

Building wireless IDS article | New Sagan w/ Prelude release


From: "Champ Clark III [Softwink]" <champ () softwink com>
Date: Thu, 11 Nov 2010 10:13:26 -0500


        Hello All, 

        I've released a new article I've been working on for a bit.  Its
title is,  "Building wireless IDS systems using open source".   The idea
of this article is to use open source solutions (Snort, Kismet, Sagan, hostapd)
to build wireless IDS systems that report back to a unified/single console
for threat analysis.   It has a bit of a different 'twist' from previous
wireless IDS articles.   Let me know what you think about it.   

It can be found at:

http://sagan.softwink.com/papers/wireless-ids

        I've also released a new version of Sagan (0.1.7) that supports 
the Prelude framework.  I'm pretty excited about Sagan's Prelude output
format.   This gives Sagan IDMEF output and can log to a Prelude back end for
viewing with Prelude's "Prewikka".    Of course,  all the standard Sagan
to Snort logging (MySQL/PostgreSQL) are still there :)

For more information on Sagan,  please check out:

http://sagan.softwink.com

Screen shots of Prelude,  Snorby and BASE can be found at:

http://sagan.softwink.com/screenshots.html

-- 
        Champ Clark III | Softwink, Inc | 800-538-9357 x 101
                     http://www.softwink.com

GPG Key ID: 58A2A58F
Key fingerprint = 7734 2A1C 007D 581E BDF7  6AD5 0F1F 655F 58A2 A58F
If it wasn't for C, we'd be using BASI, PASAL and OBOL.
