davidstelter edited this page Sep 13, 2010 · 7 revisions

Aims of the project

snorkel will provide a simple (maybe) web-based frontend for snort (http://www.snort.org) alerts stored in a database. The goal is to provide similar functionality to the Acid/Base frontends, with some notable additions, especially those suggested by Jim Binkley: BinkleySuggestions.

Infrastructure

I’ve set up a FreeBSD box at home which is logging snort (http://www.snort.org) output with the standard free ruleset into a PostgreSQL database. Hopefully the evil packets arriving at my Comcast cable internet connection will provide a sufficiently interesting set of alert data to work with; if not, I’ll add a sensor on PSU’s (http://www.pdx.edu) network, which should really catch some evil.
