The contrib directory contains the following programs:

Guardian - a script that automatically reconfigures ipchains firewalls based on
Snort alerts

address_config.sh - written by a laptop user who changes his IP configuration
frequently; it lets Snort change its address space quickly and painlessly as
well.

snortlog - Perl script that provides syslog alert summaries and reverse
attacker name resolution

snort_stat.pl - Perl script that provides a statistical analysis of syslog
alerts produced by Snort

snort2html.pl - generates web pages from Snort alerts

SnortSnarf-062000.tar.gz - code to parse a file of Snort alerts and produce
HTML output intended for diagnostic inspection and tracking down problems. The
model is that one is using a cron job or similar to produce a
daily/hourly/whatever file of Snort alerts. This script can be run on each
such file to produce a convenient HTML breakout of all the alerts.

snort-sort.pl - this script produces a sorted list of Snort alerts from a Snort
alert file

snortwatch-0.7 - This is a little tool to help keep track of alerts generated
by the excellent IDS tool snort. I've mostly tested snortwatch against version
1.5.x of snort and although the output of 1.6 seems very similar if not to say
identical, there may still be some type of alert I haven't come across that
could throw off the parsing.

Net-SnortLog-0.1.tar.gz - a Perl module for manipulating Snort log files.

passiveOS.tar.gz - Craig Smith has finished writing the Passive OS detection
for Snort (log_dir and alert file)

create_mysql - creates tables for MySQL database logging

create_postgresql - creates tables for PostgreSQL database logging

mysql.php3 - display your MySQL database events from your PHP web servers

pgsql.php3 - display your PostgreSQL database events from your PHP web servers