Snort mailing list archives

(no subject)

From: JP Vossen <vossenjp () netaxs com>
Date: Thu, 24 Jul 2003 23:02:01 -0400 (EDT)

Date: Thu, 24 Jul 2003 15:14:47 -0400
From: Kevin Peuhkurinen <kevin.peuhkurinen () hepcoe com>
To:  snort-users () lists sourceforge net
CC:  snort-users () ols inorganic org
Subject: [Snort-users] New snortcenter project idea


<snip>

It seems to me that the community needs an open source GUI for Snort.


What about http://sguil.sourceforge.net/?

"Sguil (pronounced "sgweel") is a graphical interface to snort, an open source
intrusion detection system. The actual interface and GUI server are written in
tcl/tk. Sguil uses other open source software including barnyard, mysql,
ethereal, tcpflow, and awhois.sh. Sguil currently functions as an analysis
interface and has no snort sensor or rule management capabilities. Those
features are currently being worked on and will be included in a later
release."

Sounds exactly like what you are talking about to me.

Unfortunately, IDS Policy Manager is crap,


I disagree.  It has a narrow focus, true but in its niche it is a nice peice
of work.  In particular, I find the GUI layout makes Snort configuration and
rules easier to grasp when new to Snort.  For that reason I often recommend
that newbies install it just to look at, even if they are not going to
actually use it.

is Win32 only, and isn't open source anyway.


True.  Also in the interest of full discolsure I should note that I've made a
number of feature suggestions for that product, all of which were promptly
added...


Later,
JP
------------------------------|:::======|--------------------------------
JP Vossen, CISSP              |:::======|         jp{at}jpsdomain{dot}org
My Account, My Opinions       |=========|       http://www.jpsdomain.org/
------------------------------|=========|--------------------------------
"The software said it requires Windows XP or better, so I installed
Linux..."



-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

(no subject) Kristian Ro (Jul 06)
- Re: (no subject) Simon Gray (Jul 07)
- Re: (no subject) Jason K. Boykin (Jul 07)
  - ICMP Source Quench Bryan Waters (Jul 07)
    - Re: ICMP Source Quench Chris Green (Jul 07)
    - RE: ICMP Source Quench Bryan Waters (Jul 07)
    - RE: ICMP Source Quench twig les (Jul 07)
- Re: (no subject) Erek Adams (Jul 07)
- <Possible follow-ups>
- (no subject) Ravi (Jul 11)
- (no subject) JP Vossen (Jul 24)
- (no subject) Marc Quibell (Aug 04)
  - Re: (no subject) Chris Green (Aug 06)
- RE: (no subject) Miller, Eoin (Aug 04)
- (no subject) RAJNEEL DHOTRE (Aug 05)
  - Re: (no subject) Erek Adams (Aug 05)
    - Re: (no subject) Matt Kettler (Aug 05)
  - Re: (no subject) Patrick S. Harper - CISSP (Aug 05)
- (no subject) JP Vossen (Aug 09)
- Re: (no subject) Marc Quibell (Aug 11)
- (no subject) Stefan Eggert (Aug 26)

(Thread continues...)