This is a discussion on [Snort-users] snort-nessus-correlation: honeysuckle vs. ids alert verification within the Snort forums, part of the System Security and Security Related category.
Hi,
Does anyone know how they work exactly? (I have found nothing about their output format and how they are filtering out data.)

-- How does the process of filtering work? Any changes made to sid-msg.map after correlation? (for example: removing sids for which the network isn't vulnerable)
-- All outputs supported? (I'd like to use the unified format)
-- How does honeysuckle handle vulnerabilities? (ids alert verification has the possibility to give alerts back to the snort-engine which it couldn't verify as "vulnerability" or "non vulnerability", honeysuckle too?)

Thanks in advance,
Steffen