Snort mailing list archives
Re: Trending
From: JJC <cummingsj () gmail com>
Date: Wed, 13 Jul 2011 14:27:41 -0600
Any tool can be useful here, but if you want your own stats I would suggest querying the database itself and generating them. Also, if you want bad guys that are scanning ports regularly then I would just use an already known list for that type of stuff and kill them at your firewall. Portscan detection has very low value in the overall scheme of you trying to catch a bad guy. Just my .02 JJC On Wed, Jul 13, 2011 at 2:20 PM, Lay, James <james.lay () wincofoods com>wrote:
Hey all!**** ** ** So…I’ve got Snorby installed…it was a hoot, but it’s done now. My goal for the GUI is to easily see trends over time….try and catch the bad guys that scan 5 ports a day and junk like that. Is Snorby the best for this or is there something else better out there? Thanks for any advice.**** ** ** James**** ------------------------------------------------------------------------------ AppSumo Presents a FREE Video for the SourceForge Community by Eric Ries, the creator of the Lean Startup Methodology on "Lean Startup Secrets Revealed." This video shows you how to validate your ideas, optimize your ideas and identify your business strategy. http://p.sf.net/sfu/appsumosfdev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please see http://www.snort.org/docs for documentation
------------------------------------------------------------------------------ AppSumo Presents a FREE Video for the SourceForge Community by Eric Ries, the creator of the Lean Startup Methodology on "Lean Startup Secrets Revealed." This video shows you how to validate your ideas, optimize your ideas and identify your business strategy. http://p.sf.net/sfu/appsumosfdev2dev
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please see http://www.snort.org/docs for documentation
Current thread:
- Trending Lay, James (Jul 13)
- Re: Trending JJC (Jul 13)
- Re: Trending Paul Halliday (Jul 13)
- Re: Trending James Lay (Jul 13)