Snort mailing list archives
(no subject)
From: JP Vossen <vossenjp () netaxs com>
Date: Thu, 24 Jul 2003 23:02:01 -0400 (EDT)
Date: Thu, 24 Jul 2003 15:14:47 -0400 From: Kevin Peuhkurinen <kevin.peuhkurinen () hepcoe com> To: snort-users () lists sourceforge net CC: snort-users () ols inorganic org Subject: [Snort-users] New snortcenter project idea
<snip>
It seems to me that the community needs an open source GUI for Snort.
What about http://sguil.sourceforge.net/? "Sguil (pronounced "sgweel") is a graphical interface to snort, an open source intrusion detection system. The actual interface and GUI server are written in tcl/tk. Sguil uses other open source software including barnyard, mysql, ethereal, tcpflow, and awhois.sh. Sguil currently functions as an analysis interface and has no snort sensor or rule management capabilities. Those features are currently being worked on and will be included in a later release." Sounds exactly like what you are talking about to me.
Unfortunately, IDS Policy Manager is crap,
I disagree. It has a narrow focus, true but in its niche it is a nice peice of work. In particular, I find the GUI layout makes Snort configuration and rules easier to grasp when new to Snort. For that reason I often recommend that newbies install it just to look at, even if they are not going to actually use it.
is Win32 only, and isn't open source anyway.
True. Also in the interest of full discolsure I should note that I've made a number of feature suggestions for that product, all of which were promptly added... Later, JP ------------------------------|:::======|-------------------------------- JP Vossen, CISSP |:::======| jp{at}jpsdomain{dot}org My Account, My Opinions |=========| http://www.jpsdomain.org/ ------------------------------|=========|-------------------------------- "The software said it requires Windows XP or better, so I installed Linux..." ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- (no subject) Kristian Ro (Jul 06)
- Re: (no subject) Simon Gray (Jul 07)
- Re: (no subject) Jason K. Boykin (Jul 07)
- ICMP Source Quench Bryan Waters (Jul 07)
- Re: ICMP Source Quench Chris Green (Jul 07)
- RE: ICMP Source Quench Bryan Waters (Jul 07)
- RE: ICMP Source Quench twig les (Jul 07)
- ICMP Source Quench Bryan Waters (Jul 07)
- <Possible follow-ups>
- (no subject) Ravi (Jul 11)
- (no subject) JP Vossen (Jul 24)
- (no subject) Marc Quibell (Aug 04)
- Re: (no subject) Chris Green (Aug 06)
- RE: (no subject) Miller, Eoin (Aug 04)
- (no subject) RAJNEEL DHOTRE (Aug 05)
- Re: (no subject) Erek Adams (Aug 05)
- Re: (no subject) Matt Kettler (Aug 05)
- Re: (no subject) Patrick S. Harper - CISSP (Aug 05)
- Re: (no subject) Erek Adams (Aug 05)
- (no subject) JP Vossen (Aug 09)
- Re: (no subject) Marc Quibell (Aug 11)
- (no subject) Stefan Eggert (Aug 26)