Snort Related Links


Snort Goods


Yen-Ming Chen's Snort Tools Page
 
Downloads available for PicoBSD for snort, snort_stat.pl, and snort php.  Definitely worth a look!

Incident.org's Snort Database Plugin Page 
This web page contains the latest information about database support for the Snort Intrusion Detection System.  The latest database plug-in provides support for logging to MySQL, PostgreSQL, and any database supported by unixODBC.

Patrick Mullen's Snort Portscan Detection Plugin Page
Home of the Snort Portscan Preprocessor!  Logs the start and end of portscans from a single source IP to the standard logging facility.  If a log file is specified, logs the destination IPs and ports scanned as well as the type of the scan.

SiliconDefense's SnortSnarf Page
SnortSnarf is a Perl program to take files of alerts from the free Snort Intrusion Detection System, and produce HTML output intended for diagnostic inspection and tracking down problems. The model is that one is using a cron job or similar to produce a daily/hourly/whatever file of snort alerts. This script can be run on each such file to produce a convenient HTML breakout of all the alerts.
Authors:  Stuart Staniford-Chen, Silicon Defense (stuart@silicondefense.com) and James Hoagland, Silicon Defense (hoagland@silicondefense.com)

Snorticus - Snorticus is a collection of shell scripts designed to allow easy management of Snort sensors. It allows you to routinely collect Snort sensor data, analyze the data via SnortSnarf, and easily maintain rule files.
Author: Paul Ritchey

Whitehats.com  
Whitehats is a resource to help network and security administrators by offering free software and community support. This site features the world's first open Intrusion Detection database, arachNIDS. Whitehats is authored and sponsored by Max Vision of Max Vision Network Security - a Silicon Valley consultant specializing in penetration testing.


Other Great Sites

Genocide2600.com


Packetfactory - A Snort.org affiliate

Rain Forest Puppy
RFP rox.  'Nuff said.

PacketStorm Security - Internet Security Solutions.  Now owned by Kroll O'Gara

DShield.org

DShield.org collects excerpts from a wide range of firewall/IDS packages. These logs are aggregated to look for new attack trends, and if the submitter wishes to do so, forwarded to the ISP/Network contact from which the attack originated.

"L0pht, Making the theoretical practical since 1992."

eEye Digital Security Team  

"HNN.... The voice of reason."



Computer Security News Daily

ComputerWorld News

Microsoft Security Advisor 

TechnoTronic

Help Net Security

Freshmeat


GeekNews


Slashdot


Daemonnews - News for the BSD Community

Safe Networks
Safe Networks is a Network Security Company based in Brazil.  They also offer a mirror of this site!  Be sure to check them out!

Technotronic
Another of the big "underground" security sites, always worth a visit.

Security Focus
Great resource for all sorts of information, including the Bugtraq on-line vulnerability database!

Fyodor's Playhouse
Home of NMAP, has lots of other solid security info available.

Trinux
Trinux is a floppy disk based distribution of Linux which is specifically focused on Security. Snort is included in Trinux.

OpenSEC: Open Security Solutions
Gathering point for Open Source Security projects and information.

Rhino 9 Security Research Team
One of the few groups out there that is actually producing software. UPDATE: These guys seem to have folded, but they still have some good info.

Attrition.org
What more needs to be said? Go there.

LanGuard
Kinda like Snort, but runs on Windows. Check it out!

Securite.org
I met these guys at the CanSecWest conference; they have a nice (French) site!