[Secureideas-base-devel] Fwd: [Snort-users] Snort Analisys platform
From: Joel E. <es...@kn...> - 2004-11-28 23:26:16
Hmm.. Check out the link.

J

Begin forwarded message:

> From: Sam Evans <win...@gm...>
> Date: November 28, 2004 16:37:08 EST
> To: Andreas Östling <and...@it...>
> Cc: sno...@li...
> Subject: Re: [Snort-users] Snort Analisys platform
> Reply-To: Sam Evans <win...@gm...>
>
> Wow, what you have so far looks fantastic!!!
>
>
> On Sun, 28 Nov 2004 18:44:18 +0100 (CET), Andreas Östling
> <and...@it...> wrote:
>>
>> Not yet, but I'm playing with a tool called Pigris that I hope I'll have
>> time to finish and release some time (I don't know when though). It has
>> the look and feel of a web-based alert browser but is a client written in
>> Perl/Tk that talks to the db. It works well with many sensors and events
>> and has some other useful features too. There are some early screenshots
>> and more info at http://people.su.se/~andreaso/pigris/screenshots/ if
>> you're interested.
>>
>> You may also want to checkout Sguil at http://sguil.sf.net/. It scales
>> well but kind of assumes that every event (or correlated group of events)
>> has to be dealt with by an analyst. This can be a huge strength in some
>> environments but I'm not sure it would work well if you have 2 million
>> events a day (are your sigs really optimally tuned?)
>>
>> /Andreas