Snort Related Links

Snort Goods

Yen-Ming Chen's Snort Tools Page
Downloads available for PicoBSD for snort,, and snort php.  Definitely worth a look!

's Snort Database Plugin Page
This web page contains the latest information about database support for the Snort Intrusion Detection System.  The latest database plug-in provides support for logging to MySQL, Postgresql, and any database supported by unixODBC.

Patrick Mullen's Snort Portscan Detection Plugin Page
Home of the Snort Portscan Preprocessor!  Logs the start and end of portscans from a single source IP to the standard logging facility.  If a log file is specified, logs the destination IPs and ports scanned as well as the type of the scan.

SiliconDefense's SnortSnarf Page
SnortSnarf is a Perl program to take files of alerts from the free Snort Intrusion Detection System, and produce HTML output intended for diagnostic inspection and tracking down problems. The model is that one is using a cron job or similar to produce a daily/hourly/whatever file of snort alerts. This script can be run on each such file to produce a convenient HTML breakout of all the alerts.
Authors:  Stuart Staniford-Chen, Silicon Defense, and James Hoagland, Silicon Defense

Snorticus - Snorticus is a collection of shell scripts designed to allow easy management of Snort sensors. It allows you to routinely collect Snort sensor data, analyze the data via SnortSnarf, and easily maintain rule files.
Author: Paul Ritchey

Whitehats is a resource to help network and security administrators by offering free software and community support. This site features the world's first open Intrusion Detection database, arachNIDS. Whitehats is authored and sponsored by Max Vision of Max Vision Network Security - a Silicon Valley consultant specializing in penetration testing.

Other Great Sites

Packetfactory - A affiliate

Rain Forest Puppy
RFP rox.  'Nuff said.

PacketStorm Security - Internet Security Solutions.  Now owned by Kroll O'Gara

collects excerpts from a wide range of firewall/IDS packages. These logs are aggregated to look for new attack trends, and if the submitter wishes to do so, forwarded to the ISP/Network contact from which the attack originated.

"L0pht, Making the theoretical practical since 1992."

eEye Digital Security Team  

"HNN.... The voice of reason."

Computer Security News Daily

ComputerWorld News

Microsoft Security Advisor 


Help Net Security




Daemonnews - News for the BSD Community

Safe Networks
Safe Networks is a Network Security Company based in Brazil.  They also offer a mirror of this site!  Be sure to check them out!

Another of the big "underground" security sites, always worth a visit.

Security Focus
Great resource for all sorts of information, including the Bugtraq on-line vulnerability database!

Fyodor's Playhouse
Home of NMAP, has lots of other solid security info available.

Trinux is a floppy disk based distribution of Linux which is specifically focused on Security. Snort is included in Trinux.

OpenSEC: Open Security Solutions
Gathering point for Open Source Security projects and information.

Rhino 9 Security Research Team
One of the few groups out there that is actually producing software. UPDATE: These guys seem to have folded, but they still have some good info.
What more needs to be said? Go there.

Kinda like Snort, but runs on Windows. Check it out!

I met these guys at the CanSecWest conference; they have a nice (French) site!