Symantec DeepSight Analyzer is a free service that gives you the ability to track and manage attacks on your computer. Sending your 'alert.log' to Symantecs DeepSight Analyzer, they will automatically correlate attacks from your Snort based Intrusion Detection Systems log (alert.ids), sending you a comprehensive view of your computer or general network.

Category: Recommended Snort Sites

Added on: Jul 18, 2008 | Hits: 2066

This is the home of IDS Policy Manager for Windows. IDS Policy Manager is a Visual Basic application that was written to easily manage policies for multiple Snort sensors. It was written to incorporate features to make managing snort as easy and as powerful as possible.

Category: Recommended Misc Sites

Added on: Jul 18, 2008 | Hits: 1402

This document is not a guide about how to fine-tune a sensor to nail out false positives and such, it just tries to summarize different approaches you can take after deciding that you in fact want to stop an alert from firing. Also, while Snort supports different kind of thresholding, this document is only about how to shut down specific alerts completely. The content reflects my personal opinions, which may not be valid in your environment, or even correct.

Category: Recommended Snort Sites

Added on: Jul 18, 2008 | Hits: 1239

SAM Jr provides real-time analysis of Snort data. SAM Jr is written in Java and should run anywhere a modern JVM is available. SAM Jr will be extendable via plugins so that custom actions can be written easily.

Category: Recommended Misc Sites

Added on: Jul 18, 2008 | Hits: 1163

SnortALog is a powerfull perl script that summarizes snort logs making it easy to view any attacks against your network.

SnortALog works with all versions of SNORT and is the only script who can analyse snort's logs in all formats (Syslog, Fast and Full alerts). Also, it is able to summarize Fw-1 (NG and 4.1), Netfilter and IPFilter logs in a simmilar way.

Category: Recommended Snort Sites

Added on: Jul 18, 2008 | Hits: 1085

The Aggregation Point for Snort Signatures and Related Security Research...

Category: Recommended Misc Sites

Added on: Jul 18, 2008 | Hits: 1068

This site will cover the basics of IP addressing and subnetting.
Topics covered will include:

Category: Recommended Misc Sites

Added on: Jul 18, 2008 | Hits: 995

This is the home of Chris Reid. Chris is the person responsible for the Win32 code for Snort. The latest updates to Snort can always be found there.

Category: Recommended Snort Sites

Added on: Jul 18, 2008 | Hits: 994

Metasploit provides useful information to people who perform penetration testing, IDS signature development, and exploit research. This project was created to provide information on exploit techniques and to create a useful resource for exploit developers and security professionals. The tools and information on this site are provided for legal security research and testing purposes only.

Category: Recommended Misc Sites

Added on: Dec 15, 2009 | Hits: 907

Emerging Threats is an open source community project. Through the support of our community we are able to produce the fastest moving and most diverse Snort Signature set and firewall rules available.

We exist because of the community. These are your rules!

Category: Recommended Snort Sites

Added on: Jan 01, 2010 | Hits: 633

Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.

Category: Recommended Misc Sites

Added on: Dec 15, 2009 | Hits: 531

MicroOLAP TCPDUMP is a command-line packet capture tool for Windows, and a clone of TCPDUMP, the popular command-line packet capture tool, based on Packet Sniffer SDK. It can provide very detailed information about any network conversation that runs across the wire.

Category: Recommended Misc Sites

Added on: Sep 20, 2012 | Hits: 144