Snort Database Plugin Page
This web page contains the latest information about database support for the Snort Intrusion Detection System. The latest database plug-in provides support for logging to MySQL, Postgresql, and any database supported by unixODBC.
Mullen's Snort Portscan Detection Plugin Page
Home of the Snort Portscan Preprocessor! Logs the start and end of portscans from a single source IP to the standard logging facility. If a log file is specified, logs the destination IPs and ports scanned as well as the type of the scan.
SiliconDefense's SnortSnarf Page
SnortSnarf is a Perl program to take files of alerts from the free Snort Intrusion Detection System, and produce HTML output intended for diagnostic inspection and tracking down problems. The model is that one is using a cron job or similar to produce a daily/hourly/whatever file of snort alerts. This script can be run on each such file to produce a convenient HTML breakout of all the alerts.
Authors: Stuart Staniford-Chen, Silicon Defense (firstname.lastname@example.org) and James Hoagland, Silicon Defense (email@example.com)
Snorticus - Snorticus is a collection of shell scripts designed to allow easy management of Snort sensors. It allows you to routinely collect Snort sensor data, analyze the data via SnortSnarf, and easily maintain rule files.
Author: Paul Ritchey
Whitehats is a resource to help network and security administrators by offering free software and community support. This site features the world's first open Intrusion Detection database, arachNIDS. Whitehats is authored and sponsored by Max Vision of Max Vision Network Security - a Silicon Valley consultant specializing in penetration testing.
Packetfactory - A Snort.org affiliate
Rain Forest Puppy
RFP rox. 'Nuff said.
PacketStorm Security - Internet Security Solutions. Now owned by Kroll O'Gara
DShield.org collects excerpts from a wide range of firewall/IDS packages. These logs are aggregated to look for new attack trends, and if the submitter wishes to do so, forwarded to the ISP/Network contact from which the
"L0pht, Making the theoretical practical since 1992."
eEye Digital Security Team
"HNN.... The voice of reason."
Computer Security News Daily
Microsoft Security Advisor
Help Net Security
Daemonnews - News for the BSD Community
Safe Networks is a Network Security Company based in Brazil. They also offer a mirror of this site! Be sure to check them out!
Another of the big "underground" security sites, always worth a visit.
Great resource for all sorts of information, including the Bugtraq on-line vulnerability database!
Trinux is a floppy disk based distribution of Linux which is specifically focused on Security. Snort is included in Trinux.
Rhino 9 Security
One of the few groups out there that is actually producing software. UPDATE: These guys seem to have folded, but they still have some good info.
Kinda like Snort, but runs on Windows. Check it out!
I met these guys at the CanSecWest conference, they have a nice (French) site!