Re: getcontact utility

[Joe McAlerney <joey () SiliconDefense com>]

Hello Paul,

You may want to check out the SnortSnarf Incident Storage and Response
(SISR) module that hooks into SnortSnarf.  It will generate the contact
address based on whois lookups, and use it in an e-mail message
constructed by a template of your choice.  This is all done in web-based
forms.

SnortSnarf: http://www.silicondefense.com/software/snortsnarf/
SISR README:
http://www.silicondefense.com/software/snortsnarf/readme.sisr.shtml

Hope this helps,

-Joe M.

-- 
|   Joe McAlerney     joey () silicondefense com   |
| Silicon Defense - Technical Support for Snort |
|       http://www.silicondefense.com/          |
+--                                           --+

"Sheahan, Paul (PCLN-NW)" wrote:
> Hello,
>
> I am looking for a utility to use with Snort (running on Linux) similar to
> the "Getcontact" utility seen on snort.org. It would be nice to be able to
> automatically lookup contacts for the different ISPs and send out emails
> when certain attacks occur. Does anyone have a script they could share that
> could do this?
>
> Getcontact seems to be made for the Windows version of Snort and I don't
> know how to get it to work under Linux.
>
> Thanks!
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users