davidstelter edited this page Sep 13, 2010 · 7 revisions

Aims of the project

snorkel will provide a simple (maybe) web-based frontend for snort alerts in a database. The goal is to provide similar functionality to the Acid/Base frontends, with some notable additions, especially those suggested by Jim Binkley.

Infrastructure

I’ve set up a FreeBSD box at home which is logging snort output with the standard free ruleset into a PostgreSQL database. Hopefully the evil packets arriving at my Comcast cable internet connection will provide a sufficiently interesting set of alert data to work with; if not, I’ll add a sensor on PSU’s network, which should really catch some evil.
