Snort mailing list archives

Previous By Date Next
Previous By Thread Next

IDScenter 1.1 RC2 and Eagle X 1.0.1 released!

From: Ueli Kistler <iuk () gmx ch>
Date: Mon, 10 Feb 2003 10:38:40 +0100
Hello,

IDScenter 1.1 RC2 is out! Available on www.packx.net.
Fixed: Stream4, Frag2 preprocessors setup, some minor bugs
EagleX 1.0.1: fixed the database access problem and comes with a new configuration tool. - Eagle X configuration sets Snort service to start automatically (no need to set up this manually, or compile Snort again with another service configuration) - Digest authentication support (but Internet Explorers implementation is not "compatible" with Apache ;) .. means uri field is set wrong, but if you use Mozilla or Opera it works) -> MD5 checksum is calculated by the configuration tool (htdigest.exe is still included in the package though) 
  -> RFC2617 (Resource: http://ftp.ics.uci.edu/pub/ietf/http/rfc2617.txt)

(going back to work now.. have a nice day)

If you don't know IDScenter, here's a description:

What is IDScenter?
==================
IDScenter is a configuration and and management tool for Snort IDS on Windows platforms. 

Download: www.packx.net

Features
========
* Snort 1.9 / 1.8 / 1.7 support 
         o easy access to all settings
         o Interface listing using WinPCAP
   * Snort service mode support
         o IDScenter takes over control of the Snort service
   * Snort configuration wizard
         o Variables
         o Preprocessor plugins
         o Output plugins
         o Rulesets
   * Ruleset editor: supports all Snort 1.9.1 rule options
         o Easily modify your rules
         o Import rules from files or websites into existant rulesets
   * AutoBlock plugins: write your own plugins (DLL) for your firewall
o ISS NetworkICE BlackICE Defender plugin included (possibility to block IP's, TCP and UDP ports, set block duration) o Delphi framework included for fast writing new plugins for other firewalls 
         o Prevents problems in plugins to propagate to IDscenter
   * Alert notification via e-mail, alarm sound or only visual notification
         o Possibilty to send the last # lines of your Snort log
o Notification of attack is also possible with Snort logging to MySQL o Add attachments (e.x. the current process list generated by another program) * Test configuration feature: fast testing of your IDS configuration (Snort rule syntax checking etc.) 
   * Monitoring:
         o Alert file monitoring (up to 10 files)
o MySQL alert detection: allows centralized monitoring of all Snort sensors (e.x. if you have a Notebook with WLAN adapter you can be alerted whereever you are) 
   * Log rotation (compressed archiving of log files)
         o Set log rotation period (day, week, month, interval)
         o Organisation of backup logs
   * Integrated log viewer
         o Log file viewer
         o XML log file viewer
         o HTML/website viewer (support for ACID, SnortSnarf, etc.)
   * Program execution possible if an attack was detected
   * .. and more!

Regards,
   Eclipse
   eclipse () packx net
   www.packx.net



-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: