Re: query regarding snort customization
From: Kevin Johnson (kjohnson_at_secureideas.net)
Date: 11/24/04
- Previous message: David Maynor: "Re: ISS Siteprotector as syslog server?"
- In reply to: gaurav_jindal_at_da-iict.org: "query regarding snort customization"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: gaurav_jindal@da-iict.org Date: Wed, 24 Nov 2004 00:55:23 -0500
On Tue, 2004-11-23 at 01:04, gaurav_jindal@da-iict.org wrote:
> Hi all,
>
> I am looking for customized solution for snort, i.e I want to provide
> access to read alerts from database based of grouping ip's , and to
> provide access for reading alerts for these groups accordingly. If I
> provide access to a particular user to access alerts, he should be able to
> read alerts for the group of ip's I have allowed the access.
> If someone has done it or it could be configured on ACID console, or some
> open souce code for doing this is available,please suggest.
>
> regards,
> Gaurav
The BASE project, which is a forked version of ACID under active
development is working toward what you want. The current version
supports user authentication.
Kevin
-------------------
BASE Project Lead
http://sourceforge.net/projects/secureideas
http://base.secureideas.net
The next step in IDS analysis!
- application/pgp-signature attachment: This is a digitally signed message part
- Previous message: David Maynor: "Re: ISS Siteprotector as syslog server?"
- In reply to: gaurav_jindal_at_da-iict.org: "query regarding snort customization"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
