Snort mailing list archives

Re: Web UI


From: CunningPike <cunningpike () gmail com>
Date: Tue, 21 Jul 2009 15:30:54 -0700

If you go with sguil, you get the benefit of knowing what is happening
on your network NOW instead of a week ago AND you can use squert to
leverage the sguil database for web reporting.

CP

On Tue, 2009-07-14 at 15:57 -0400, Burks, Doug wrote:
Hi Scott,
 
ACID should not be used anymore.  BASE is definitely more current.  
 
A brand new web front-end called Snorby (http://www.snorby.org/) just
appeared.  It's still in Beta and may not be ready for production
use. 
 
If you don't require a web front-end, I would recommend looking at
Sguil (http://sguil.sourceforge.net/).  It can be installed very
quickly and easily using NSMnow
(http://www.securixlive.com/nsmnow/index.php).  If you'd like to try
Sguil from a LiveCD environment, please take a look at my Security
Onion LiveCD (http://securityonion.blogspot.com/).
 
Thanks,
Doug Burks
 

______________________________________________________________________
From: Scott Elgram [mailto:SElgram () VerifPoint com] 
Sent: Tuesday, July 14, 2009 2:38 PM
To: 'Snort Users List'
Subject: [Snort-users] Web UI



Hello,

I am looking to set up a new SNORT IDS.  I set one up a
while back with ACID as my UI, I liked it very much but now I’m
looking to build a brand new one and it would seem that many things
have changed since I did this last.  Most notably, it looks like the
ACID project has been dropped.  Is ACID still a good web-based UI for
SNORT or is there a better one these days?  I’d also appreciate your
opinion on BASE which looks pretty much like ACID but seems to be more
current.

 

-Scott

 


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Attachment: signature.asc
Description: This is a digitally signed message part

