Re: Newbie question, Diff between SnortSnarf & Acid

[Leigh David Heyman <leigh () ai mit edu>]

Hi Ronald,
I'm not sure that there's any single source which compares the two, but in 
short, they're very different due to the source of the data that they're 
presenting.  SnortSnarf parses raw (binary or text) log/alert files from snort 
into an html result.  ACID and Demarc are PHP front-ends which pull their data 
from a relational database (mysql,postgresql, others?) backend, this relies on 
using snort's database output plugin.

I guess it all depends on how complex your IDS needs are.

I think the best advice is to run them both and see what best meets your needs 
(unless you don't want to install/run/configure a sql database, in which case, 
just stay with SnortSnarf)

-Leigh


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users