Snort mailing list archives

IDScenter 1.1 RC1 released!


From: Ueli Kistler <iuk () gmx ch>
Date: Wed, 05 Feb 2003 00:13:12 +0100

Hello,

IDScenter 1.1 RC1 is finally out! Check www.packx.net for more information.
What's new (short overview)? The rule editor, the ruleset management, the autoblock system and plugins (extract IP, TCP, UDP and ICMP which can be blocked with the sample plugin BlackICEv2.dll), bug fixes, support for -w option, corrected Stream4 option... and much more.. see the changelog once you have downloaded the file ;)

NOTE: I've released a 99% preconfigured IDS environment based on Snort and IDScenter. It uses Apache, MySQL, PHP, ACID (with jpgraph and adodb library preinstalled for PHP) and a little configuration tool (EagleXconfig). I will send out a separate announcement.

What is IDScenter?
==================
IDScenter is a configuration and management tool for Snort IDS on Windows platforms.

Download: www.packx.net

Features
========
   * Snort 1.9 / 1.8 / 1.7 support
         o Easy access to all settings
         o Interface listing using WinPCAP
   * Snort service mode support
         o IDScenter takes over control of the Snort service
   * Snort configuration wizard
         o Variables
         o Preprocessor plugins
         o Output plugins
         o Rulesets
   * Ruleset editor: supports all Snort 1.9.1 rule options
         o Easily modify your rules
         o Import rules from files or websites into existing rulesets
   * AutoBlock plugins: write your own plugins (DLL) for your firewall
         o ISS NetworkICE BlackICE Defender plugin included (possibility to block IPs, TCP and UDP ports, set block duration)
         o Delphi framework included for fast writing of new plugins for other firewalls
         o Prevents problems in plugins from propagating to IDScenter
   * Alert notification via e-mail, alarm sound or only visual notification
         o Possibility to send the last # lines of your Snort log
         o Notification of attack is also possible with Snort logging to MySQL
         o Add attachments (e.g. the current process list generated by another program)
   * Test configuration feature: fast testing of your IDS configuration (Snort rule syntax checking etc.)
   * Monitoring:
         o Alert file monitoring (up to 10 files)
         o MySQL alert detection: allows centralized monitoring of all Snort sensors (e.g. if you have a Notebook with WLAN adapter you can be alerted wherever you are)
   * Log rotation (compressed archiving of log files)
         o Set log rotation period (day, week, month, interval)
         o Organisation of backup logs
   * Integrated log viewer
         o Log file viewer
         o XML log file viewer
         o HTML/website viewer (support for ACID, SnortSnarf, etc.)
   * Program execution possible if an attack was detected
   * .. and more!

Regards,
   Eclipse
   eclipse () packx net


