PortscanGeoinfo is a plugin for the powerful Prelude correlation engine. This plugin correlates alerts from Snort NIDS and OSSEC HIDS sensors regarding portscans. Geographical information (GeoIP) is included in the correlated alert.
Features
- GeoIP lookup
- correlation of IDMEF events (prelude-correlator)
- correlation of portscans
Categories
Network Monitoring
License
GNU General Public License version 2.0 (GPLv2)