PortscanGeoinfo is a plugin for the powerful Prelude correlation engine. This plugin correlates alerts from Snort NIDS and OSSEC HIDS sensors regarding portscans. Geographical information (GeoIP) is included in the correlated alert.

Features

  • GeoIP lookup
  • correlation of IDMEF events (prelude-correlator)
  • correlation of portscans

Project Activity

See All Activity >

Categories

Network Monitoring

License

GNU General Public License version 2.0 (GPLv2)

Follow PortscanGeoinfo

PortscanGeoinfo Web Site

You Might Also Like
Fully managed relational database service for MySQL, PostgreSQL, and SQL Server Icon
Fully managed relational database service for MySQL, PostgreSQL, and SQL Server

Focus on your application, and leave the database to us

Cloud SQL manages your databases so you don't have to, so your business can run without disruption. It automates all your backups, replication, patches, encryption, and storage capacity increases to give your applications the reliability, scalability, and security they need.
Try for free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of PortscanGeoinfo !

Additional Project Details

Operating Systems

Linux, OpenBSD, FreeBSD, NetBSD

Languages

English

Intended Audience

Advanced End Users, System Administrators

Programming Language

Python

Related Categories

Python Network Monitoring Software

Registered

2011-01-21
Report inappropriate content