RE: SnortSMS

["Eric Hines" <eric.hines () appliedwatch com>]

Tony,

Interesting, that's the first time I've seen that project. In looking at the
screenshots, its basically ACID/BASE with Sensor management minus the alert
console and reports, right? 

Raju: I'm sure Tony realized its inability to display alert data and was
looking at it purely for Snort sensor management. I'm sure he was planning
to utilize that project to manage his sensors alongside another Snort
alerting console.


Best Regards,

Eric Hines, GCIA, CISSP
CEO, President, Chairman
Applied Watch Technologies, LLC
1134 N. Main St.
Algonquin, IL 60102
Tel: (877) 262-7593 e:327
Fax: (877) 262-7593
Mob: (847) 456-6785
Web: http://www.appliedwatch.com
----------------------------------------------------------------------------
- 
Enterprise Snort Management at http://www.appliedwatch.com.
Security Information Management for the Open Source Enterprise.
----------------------------------------------------------------------------
-


-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of M Raju
Sent: Tuesday, May 24, 2005 7:01 PM
To: Anthony J Placilla
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] SnortSMS

These (web frontends) are nice, but what else can you do with alert data?
Does it provide a way to drill down and check for false positives, access to
raw data (pcaps), etc? What about session, stat data?


Without the above it is hard if not nearly impossible to validate
intrusions. The only suite I have found so far that really helps me
tremendously is SGUIL (http://sguil.sf.net)

Check it out yourself and if you have any questions come join us at
#snort-gui on freenode...

Cheers..

_Raju 

On 5/24/05, Anthony J Placilla <anthony_placilla () suth com> wrote:
> Has anyone used SnortSMS (http://snortsms.servangle.net/) for sensor 
> management? If so could you share your experiences
>
> --
> Tony Placilla, RHCT
> anthony_placilla () suth com
>
> J.O.A.T.
>
> GPG-Key-ID: 1024D/C78F8B64              http://pgp.mit.edu
> Key fingerprint = A8D5 7AFF CE88 4179 C792  D9A9 F197 2A15 C78F 8B64
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by Yahoo.
> Introducing Yahoo! Search Developer Network - Create apps using Yahoo!
> Search APIs Find out how you can build Yahoo! directly into your own 
> Applications - visit 
> http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users


--
May the packets be with you.


-------------------------------------------------------
This SF.Net email is sponsored by Yahoo.
Introducing Yahoo! Search Developer Network - Create apps using Yahoo!
Search APIs Find out how you can build Yahoo! directly into your own
Applications - visit
http://developer.yahoo.net/?fr______________________________________________
_
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list



-------------------------------------------------------
This SF.Net email is sponsored by Yahoo.
Introducing Yahoo! Search Developer Network - Create apps using Yahoo!
Search APIs Find out how you can build Yahoo! directly into your own
Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users