RE: [Snort-users] Recommendation for IDS reporting tools?
This is a discussion on RE: [Snort-users] Recommendation for IDS reporting tools? within the Snort forums, part of the System Security and Security Related category; I really appreciate everyone's suggestion. However, does anybody tried Tenable's Lightning for reporting? I'm seriously considering Sguil ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
03-17-2005
|
|||
|
|||
RE: [Snort-users] Recommendation for IDS reporting tools?
I really appreciate everyone's suggestion. However, does anybody tried Tenable's Lightning for reporting? I'm seriously considering Sguil or Tenable Lightning.
Hugo "Basselgia, Barry A Mr (NAF Atsugi)" <BABasselgia@atsugi.navy.mil> wrote: >I use Aanval, it uses the same mysql database as ACID/BASE, so it will work >with anything you can feed into the database. *I use unified logging on my >snort sensors and barnyard to feed the database. > >I find that I use both BASE and Aanval depending on what I'm looking >for/doing at the time. *Aanval has some near real time monitors that I >really like. *But, when I'm digging into things I find BASE to be more >useful. > >Barry > > >-----Original Message----- >From: snort-users-admin@lists.sourceforge.net >[mailto:snort-users-admin@lists.sourceforge.net]On Behalf Of Alex >Butcher, ISC/ISYS >Sent: Wednesday, March 16, 2005 6:07 PM >To: Hugo; snort-users@lists.sourceforge.net >Subject: Re: [Snort-users] Recommendation for IDS reporting tools? > >... > > >> Has anybody tried Aanval? Any testimonial? THanks in advance! > >Tried it, didn't like it; not as functional as ACID/BASE, and, IIRC, it >won't work with unified logging (which is a show-stopper for a production >NIDS, IMHO). > >> Hugo > >Best Regards, >Alex. >-- >Alex Butcher: Security & Integrity, Personal Computer Systems Group >Information Systems and Computing * * * * * * GPG Key ID: F9B27DC9 >GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9 > > > > > >------------------------------------------------------- >SF email is sponsored by - The IT Product Guide >Read honest & candid reviews on hundreds of IT Products from real users. >Discover which products truly live up to the hype. Start reading now. >http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click >_______________________________________________ >Snort-users mailing list >Snort-users@lists.sourceforge.net >Go to this URL to change user options or unsubscribe: >https://lists.sourceforge.net/lists/...fo/snort-users >Snort-users list archive: >http://www.geocrawler.com/redir-sf.p...st=snort-users > __________________________________________________ ________________ Switch to Netscape Internet Service. As low as $9.95 a month -- Sign up today at http://isp.netscape.com/register Netscape. Just the Net You Need. New! Netscape Toolbar for Internet Explorer Search from anywhere on the Web and block those annoying pop-ups. Download now at http://channels.netscape.com/ns/search/install.jsp ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
