Snort

Snort Config provides an intuitive menu-based interface for the GPL IDS tool Snort. SnortConf is a tool that provides a fairly intuitive menu-based text interface for setting up the GPL IDS tool Snort. It also provides error and sanity checking on user input, and an online help facility....

Snort Report is an add-on module for the Snort Intrusion Detection System. Snort Report add-on provides realtime reporting from the MySQL database generated by Snort. It has been tested on Redhat 6.2, 7.0, 7.1, and OpenBSD 2.9.. Symmetrix Technologies is a complete network integrator and...

Fast Logging Project for Snort is designed to gather alerts with payload from distributed snort sensors on a central server and to store them in a database (MySQL and PostgreSQL are supported). On the sensor, the output is written to a process called sockserv. This process is threaded; one...


Platforms: *nix

Snort project is a "lightweight" intrusion detection technology in comparison to commercially available systems. Snort really isnt very hard to use, but there are a lot of command line options to play with, and its not always obvious which ones go together well. This file aims to make using...


Platforms: *nix

Snort::Rule is a Perl extension for dynamically building snort rules. SYNOPSIS use Snort::Rule; $rule = Snort::Rule->new( -action => alert, -proto => tcp, -src => any, -sport => any, -dir => ->, -dst => 192.188.1.1, -dport => 44444, ); $rule->opts(msg,Test Rule");...


Platforms: *nix

Snort Log Monitor and Ticketing System, a PHP based log monitoring and ticketing system for Snort IDS logging to a mySQL database.


Platforms: PHP

This search add-ons allows you to search for Snort IDS rules on the snort.org website.


Platforms: *nix

The port scan plug in for snort, or just portscan for short is intended to be used in conjunction with snort and logcheck. The tool will allow you to monitor your snort log file and then do port scans based upon certain keywords. This program requires nmap and snort. If you want it to run...


Platforms: *nix

Spoink is an output-plugin for snort that works by blocking access to attackers using OpenBSDs pf api. All you need is an OpenBSD machine (or pf compatible), and snort (last version works well). Spoink uses a pf table and a blocking rule to stop "attackers" accessing our system. To protect...


Platforms: *nix

Thresh is an application for Snort that manages alert thresholding and suppression. It was designed to assist the administrator with tuning one or more Snort sensors. The project was designed to run under Red Hat flavors of Linux. It summarizes Snort Alerts by alert count, allows creation and...


Platforms: *nix

fwsnort parses the rules files included in the snort intrusion detection system and builds an equivalent iptables ruleset for as many rules as possible. fwsnort accepts command line arguments to restrict processing to any particular class of snort rules such as "ddos", "backdoor", or...


Platforms: *nix

RazorBack is a log analysis program that interfaces with the SNORT open source Intrusion Detection System to provide real time visual notification when an intrusion signature has been detected on the network. Snort should be configured to send data to syslog for razorback to display the data....


Platforms: *nix

gpss is a gnuplot front end for analyzing snort perfmonitor log files. It offers both 2D and 3D interactive or batch graphing of things like bits per second, packets per second, drop percentage, fragments per second, and more. gpss project is useful as both a performance evaluation tool or a...


Platforms: *nix

SnortALog is a powerfull perl script that summarizes snort logs making it easy to view any attacks against your network. SnortALog works with all versions of SNORT and is the only script who can analyse snort's logs in all formats (Syslog, Fast and Full alerts). Also, it is able to summarize a...


Platforms: *nix

Thresh is an application for Snort that manages alert thresholding and suppression. It was designed to assist the administrator with tuning one or more Snort sensors. The project was designed to run under Red Hat flavors of Linux. It summarizes Snort Alerts by alert count, allows creation and...


Platforms: *nix

Mudpit is an intelligent, modular, and reliable spool processor for Snort's unified format.


Platforms: *nix

Snort_inline is a modified version of Snort. It accepts packets from iptables, instead of libpcap. It uses new rule types to tell iptables if the packet should be dropped or allowed to pass based on the Snort rules.


Platforms: *nix

Logrep is a tool for collection and presentation of information from various logfiles including snort, squid, postfix, apache, sendmail, iptables/ipchains and nt eventlogs. HTML-reports, multi dimensional analysis, ssh and graphs are available.


Platforms: *nix

Analyse your web server log files showing possible intrusion attempts, compatible with SNORT rule files. Network Security Administrators will agree that manually scanning web server logs for intrusion attempts is time consuming and not a loved task, not to mention small details that can so...


Platforms: Windows

barnyard is a fast output system for Snort. The "generic" notes for putting this thing together are below. You can see here the short version. 1.) ./configure 2.) make 3.) make install 4.) Edit the included barnyard.conf with specific details for your system 5.) barnyard -? 7.) Have fun!...


Platforms: *nix