Snort mailing list archives
AW: OpenSource Alternative to SourceFire's RNA
From: "Poppi, Sandro" <Sandro.Poppi () wacker com>
Date: Wed, 31 Mar 2004 07:26:53 +0200
Josh,

We set up an Open Source project called Threatman (http://sourceforge.net/projects/threatman) whose goal is to correlate events from IDS/IPS/Firewalls/syslogs/... with data stored in a database generated by tools like nmap/nessus/... using IDMEF as the internal event representation. It currently is in a very early state and not much to see, but we'd appreciate any help >;)

Interested?

Regards,
Sandro
Is anyone working on OpenSource Alternatives to SourceFire's RNA product? I was thinking about using p0f to dump OS information into a file and then export it to a database but I really would like to gather service level information and eventually passively identify vulnerabilities. The only ways that I can think of getting any of this kind of information passively is with NTOP or developing signatures for Snort alerting on specific services (Seeing Apache 1.3.29 in an HTTP string), sending that data to a file and then exporting it with another program only updating new entries. At any level it would be a massive undertaking, anyone interested?

-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.
http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
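Added example, not part of the original posts and not Threatman code: a sketch of the step described in the quoted question, taking passively observed HTTP `Server` banners and writing them to a database while reporting only new entries. The table layout, function names and sample responses are assumptions constructed for illustration.

```python
import sqlite3

# Constructed sample input: (server IP, port, response head) tuples as a
# passive sensor might log them. IPs are documentation addresses.
SAMPLE = [
    ("192.0.2.10", 80, "HTTP/1.1 200 OK\r\nServer: Apache/1.3.29 (Unix)\r\n\r\n<html>"),
    ("192.0.2.10", 80, "HTTP/1.1 404 Not Found\r\nServer: Apache/1.3.29 (Unix)\r\n\r\n"),
    ("192.0.2.20", 8080, "HTTP/1.0 200 OK\r\nserver:  Microsoft-IIS/5.0 \r\n\r\n"),
    ("192.0.2.30", 80, "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nServer: x"),
]

def extract_banner(head):
    """Return the Server header value, or None if the response has none."""
    # Drop the body, then skip the status line so only header lines remain.
    header_lines = head.split("\r\n\r\n", 1)[0].split("\r\n")[1:]
    for line in header_lines:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "server":
            return value.strip() or None
    return None

def open_inventory(path=":memory:"):
    """Open (or create) the hypothetical services inventory table."""
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS services (ip TEXT, port INTEGER, "
               "banner TEXT, first_seen TEXT, last_seen TEXT, "
               "PRIMARY KEY (ip, port, banner))")
    return db

def ingest(db, responses, seen):
    """Store banners; return only the (ip, port, banner) entries that are new."""
    new = []
    for ip, port, head in responses:
        banner = extract_banner(head)
        if banner is None:
            continue
        key = (ip, port, banner)
        if db.execute("SELECT 1 FROM services WHERE ip=? AND port=? AND banner=?", key).fetchone():
            # Already known: refresh last_seen, report nothing.
            db.execute("UPDATE services SET last_seen=? WHERE ip=? AND port=? AND banner=?", (seen, *key))
        else:
            db.execute("INSERT INTO services VALUES (?, ?, ?, ?, ?)", (*key, seen, seen))
            new.append(key)
    db.commit()
    return new

if __name__ == "__main__":
    print(ingest(open_inventory(), SAMPLE, "2004-03-31T05:00:00Z"))
```

A `Server` banner can be altered or suppressed by the host's administrator, so an inventory built this way is a hint for correlation rather than proof of the running version.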
Current thread:
- AW: OpenSource Alternative to SourceFire's RNA Poppi, Sandro (Mar 31)
- <Possible follow-ups>
- AW: OpenSource Alternative to SourceFire's RNA Sean Wheeler (Mar 31)