Snort mailing list archives
Re: [despammed] RE: Looking for tool to generate isp/domain notific ation emails....
From: Ed McMan <edmcman () despammed com>
Date: Fri, 10 May 2002 15:33:11 -0400
Do a search for incident.pl ------------------------------------------------------------- | Eddie J Schwartz <EdMcMan () m00 net> http://www.m00.net | | AIM: The Cypher ICQ: 35576339 YHOO: edmcman2 MSN: ^^ | | "We Trills have an expression--at forty, you think you | | know everything. At four hundred, you realize you know | | nothing." - Dax, Star Trek Deep Space 9 | ------------------------------------------------------------- ----- Original Message ----- From: "Potts, Ross A." <RPOTTS () NORTHROPGRUMMAN COM> To: <snort-users () lists sourceforge net> Sent: Friday, May 10, 2002 12:32 PM Subject: [despammed] RE: [Snort-users] Looking for tool to generate isp/domain notific ation emails....
Well, SnortSnarf will at least can the whois lookups for you on a number
of
sites. I use webalizer in conjunction because It will reverse lookup at least what hits the webserver. I have thus far unsuccessfully tested reconfiguring Snarf to do a few extra things to make my life easier. I'm getting closer! -----Original Message----- From: Kevin Riggins [mailto:kriggins () comdev com] Sent: Friday, May 10, 2002 9:17 AM To: snort-users () lists sourceforge net Subject: [Snort-users] Looking for tool to generate isp/domain
notification
emails.... Once upon a time, I seem to remember seeing a tool that would parse snort logs, perform the dns/revers/whaterver lookups, generate and send and
to the parties concerned about an intrusion attempt. Does anybody know where I can get something like this? I use aris.securityfocus.com right now, but it is very time consuming. I could roll my own, but, you know, wheel, reinvent, etc...
_______________________________________________________________ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: bandwidth () sourceforge net _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Looking for tool to generate isp/domain notific ation emails.... Potts, Ross A. (May 10)
- Re: [despammed] RE: Looking for tool to generate isp/domain notific ation emails.... Ed McMan (May 10)