This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New version w/ Snort integration

This may be above and beyond the task list associated with the integration of Snort but I'll shoot out the idea anyway. A friend of mine has set up a Snort box which stores it's logs in a MySQL database. There is a php interface that could be integrated into WebAdmin that allows admins to query the database for customized reports and enhanced search capabilities. I know he did not develop any of this himself so the source code is out there. If you'd like, I can get you some lnks if you feel this is a worthwile endeavor.

Eric

This thread was automatically locked due to age.

Parents

0 Markus Hennig over 23 years ago

Hi eric,

is there anywhere a screeshot of the reports? Can we test it anywhere online or download for a self setup test?

Sounds indeed very interesting - worthy a bigger one endevour ;-)
Cancel
Vote Up 0 Vote Down

Cancel
0 eaustin over 23 years ago in reply to Markus Hennig

My friend is currently composing a How-to. I will forward it on when he's done.

Eric
Cancel
Vote Up 0 Vote Down

Cancel
0 eaustin over 23 years ago in reply to eaustin

I have some screen shots for you in a Word document. Where should I send it?

Eric
Cancel
Vote Up 0 Vote Down

Cancel
0 Orjan Sandland over 23 years ago in reply to eaustin

Hi all,

If you go to http://www.snort.org - you'll find it all. In their download page, there are several frontends to snort available.'

Perhaps I've missed some info on the current intrusion detection system, but I've yet to see that it picks up anything besides false positives...

So, needless to say perhps, I would very much like to see ASL implement Snort and a comprehensive reporting tool for it.

Download page is at http://www.snort.org/downloads.html

Best regards,
Ørjan Sandland
Cancel
Vote Up 0 Vote Down

Cancel
0 eaustin over 23 years ago in reply to Orjan Sandland

The link listed above does have everything necessary. ACID was used as a frontend. "logsnorter" is also available for download at that site. It allows logging from iptables to be stored in a MySQL database as well. If that were accomplished, there would be consistancy to the reporting architecture.

My 2 cents,
Eric
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 eaustin over 23 years ago in reply to Orjan Sandland

The link listed above does have everything necessary. ACID was used as a frontend. "logsnorter" is also available for download at that site. It allows logging from iptables to be stored in a MySQL database as well. If that were accomplished, there would be consistancy to the reporting architecture.

My 2 cents,
Eric
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data