Snort IDS help...

Rogue
Is there any kind of GUI interface that anyone has made to permit changes to rules when using Snort as an IDS? Any assistance would be greatly appreciated.
 
A GUI for editing the rules themselves or importing new rules and removing others?

A coworker was looking at something that looked like it helped you modify rules, but I didn't pay too much attention. Oinkmaster might provide a web-based tool, but I'm not positive.
 
I just installed Oinkmaster and got it to download new rules and parse them, but it doesn't really provide a GUI interface to modify rules like I was hoping. Plus, I can't seem to get to the Oinkmaster web pages on Sourceforge.
 
Originally posted by: Rogue
I just installed Oinkmaster and got it to download new rules and parse them, but it doesn't really provide a GUI interface to modify rules like I was hoping. Plus, I can't seem to get to the Oinkmaster web pages on Sourceforge.

The Oinkmaster page works for me. Check out SnortCenter, it looks exactly like what you are looking for.

GUI tools are teh sux0r though. 😉
 
SnortCenter is exactly what I was looking for I think. Let me get it installed and see what comes of it. I'm kind of a Linux noob and I'm working on saving the government some money by setting up an internal IDS using Snort rather than spending thousands of dollars needlessly. Since this is the first time I've really installed Linux and Snort, I need something to get me started, then I can start using emacs, etc. to config things a little better. Mind if I PM occasionally for assistance?
 
Originally posted by: Rogue
SnortCenter is exactly what I was looking for I think. Let me get it installed and see what comes of it. I'm kind of a Linux noob and I'm working on saving the government some money by setting up an internal IDS using Snort rather than spending thousands of dollars needlessly. Since this is the first time I've really installed Linux and Snort, I need something to get me started, then I can start using emacs, etc. to config things a little better. Mind if I PM occasionally for assistance?

You can. I'm subscribing to the thread too, so if you want to make the questions more public (for others to be able to read and help out) that can work too. 🙂

I've never used SnortCenter, so I can't add much about it really. I have set up Snort and ACID on a number of machines at home over the past couple of years.

Snort is a good choice, but it really isn't my favorite IDS. I'll rank it over a lot of commercial products though.
 