Snort mailing list archives
RE: Looking for tool to generate isp/domain notific ation emails....
From: "Potts, Ross A." <RPOTTS () NORTHROPGRUMMAN COM>
Date: Fri, 10 May 2002 09:32:19 -0700
Well, SnortSnarf will at least can the whois lookups for you on a number of sites. I use webalizer in conjunction because It will reverse lookup at least what hits the webserver. I have thus far unsuccessfully tested reconfiguring Snarf to do a few extra things to make my life easier. I'm getting closer! -----Original Message----- From: Kevin Riggins [mailto:kriggins () comdev com] Sent: Friday, May 10, 2002 9:17 AM To: snort-users () lists sourceforge net Subject: [Snort-users] Looking for tool to generate isp/domain notification emails.... Once upon a time, I seem to remember seeing a tool that would parse snort logs, perform the dns/revers/whaterver lookups, generate and send and email to the parties concerned about an intrusion attempt. Does anybody know where I can get something like this? I use aris.securityfocus.com right now, but it is very time consuming. I could roll my own, but, you know, wheel, reinvent, etc... TIA, Kevin Riggins Quester Research 2910 Westown Parkway Suite 100 West Des Moines, IA 50266 mailto: kriggins () comdev com phone: +1 (515) 225-2500 x 257 cell: +1 (515) 202-2306
Current thread:
- RE: Looking for tool to generate isp/domain notific ation emails.... Potts, Ross A. (May 10)