Snort mailing list archives

Re: [despammed] RE: Looking for tool to generate isp/domain notific ation emails....

From: Ed McMan <edmcman () despammed com>
Date: Fri, 10 May 2002 15:33:11 -0400

Do a search for incident.pl
-------------------------------------------------------------
|   Eddie J Schwartz <EdMcMan () m00 net> http://www.m00.net   |
|   AIM: The Cypher ICQ: 35576339 YHOO: edmcman2 MSN: ^^    |
| "We Trills have an expression--at forty, you think you    |
| know everything.  At four hundred, you realize you know   |
|         nothing." - Dax, Star Trek Deep Space 9           |
-------------------------------------------------------------
----- Original Message -----
From: "Potts, Ross A." <RPOTTS () NORTHROPGRUMMAN COM>
To: <snort-users () lists sourceforge net>
Sent: Friday, May 10, 2002 12:32 PM
Subject: [despammed] RE: [Snort-users] Looking for tool to generate
isp/domain notific ation emails....

Well, SnortSnarf will at least can the whois lookups for you on a number

of

sites.  I use webalizer in conjunction because It will reverse lookup at
least what hits the webserver.  I have thus far unsuccessfully tested
reconfiguring Snarf to do a few extra things to make my life easier.  I'm
getting closer!



 -----Original Message-----
From: Kevin Riggins [mailto:kriggins () comdev com]
Sent: Friday, May 10, 2002 9:17 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Looking for tool to generate isp/domain

notification

emails....



Once upon a time, I seem to remember seeing a tool that would parse snort
logs, perform the dns/revers/whaterver lookups, generate and send and

email

to the parties concerned about an intrusion attempt.  Does anybody know
where I can get something like this?  I use aris.securityfocus.com right
now, but it is very time consuming.  I could roll my own, but, you know,
wheel, reinvent, etc...



_______________________________________________________________

Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: bandwidth () sourceforge net
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

RE: Looking for tool to generate isp/domain notific ation emails.... Potts, Ross A. (May 10)
- Re: [despammed] RE: Looking for tool to generate isp/domain notific ation emails.... Ed McMan (May 10)