Free thresh software for linux

Thresh 1.5.0b

Thresh is an application for Snort that manages alert thresholding and suppression. It was designed to assist the administrator with tuning one or more Snort sensors. The project was designed to run under Red Hat flavors of Linux.
It summarizes Snort Alerts by alert count, allows creation and editing of threshold.conf files, prunes your Snort database based on your tunings, and allows you to preview your alert suppressions before deletion.
Enhancements:
- DB queries were corrected.
- Database pruning based on suppression sets was added.
- A major code cleanup was undertaken.
- All errors with signature name queries were corrected along with all read/write calls to config files.
- The number of floating variables between POSTs on all pages was reduced. Descriptions were added to description boxes. Rule edit/delete options were added. Issues with alert counts were corrected.
- A cool way was devised to do CIDR block DELETEs and SELECTs in MySQL.
Download (0.032MB)
Added: 2007-03-26 License: GPL (GNU General Public License) Price:
981 downloads
Logscan 0.4

Logscan provides a tool to generate emails in response to security probes or attacks.

Logscan is a tool to assist in generating complaint emails in response to security probes or attacks. Logscan scans through logs looking for patterns, and if certain thresholds are reached, it sends a template email to the local administrators for approval. If the administrator sees that the attack is not a mistake, they can forward the email to the ISP that owns the attacking IPs.

Logscan has the beginnings of an interesting module/library called "whois", which is loosely based on work by Scott Hassan.

This module traverses the tree of various whois servers until it finds the whois record for the ISP that owns the offending IP, and then grabs the emails of the admins responsible there.

As this module evolves it will grab other pieces of information from the whois record (unfortunately there appears to be a variety of formats for whois records).

Download (0.033MB)
Added: 2007-04-13 License: GPL (GNU General Public License) Price:
926 downloads