If there is a site that should be listed here or if a link goes dead, please let me know.
- Snort packet sniffer/logger
- AirSnort : wireless LAN
tool which recovers encryption keys
- Flying
Pigs: Snorting Next Generation Secure Log Servers over TCP
- Hogwash drops or modifies specific packets based on a signature match
- IDS Policy Manager
for multiple Snort sensors
- Quick Search for Policy
- Support for vcp and custom script upload updates
- Support for all Preprocessors up to Snort 1.9
- Support for All documented config options
- Support to quickly ssh to sensors
- Reset a Policy from another local Policy
- Reset a Policy from a policy via the web
- Each Policy can have it’s own location to check for updates
- Selectable Web auto update
- Auto update from a different local policy
- Support for SnortSam output Processor
- Quick Search for Policy
- Prelude Hybrid IDS
Prelude IDS is a modular hybrid intrusion detection system,
available under the GNU GPL licence. An interesting feature of Prelude is the
IDMEF-based messaging system allowing exchange of alerts between the components
of the system. The design of the messaging system allows integration with
third-party applications by making them capable of sending alerts in the common
format using the libprelude library. This provides the capability of centralized
processing and logging of alerts emmited by various sensors, both host- and
network based.
- RazorBack a log analysis program that interfaces
with the SNORT
- Snot Triggers snort alerts taking a snort rules file as input. Use to decoy
your local IDS admin
- SnortCenter :
web-based client-server management system written in PHP and Perl
- Snort IDScenter
- Snort configuration wizard (variables, preprocessor plugins, output plugins,
rulesets)
- Alert notification via e-mail, sound or only visual notification
- Alert file monitoring (up to 10 files)
- MySQL alert detection
- Log rotation (compressed archiving of log files)
- AutoBlock (using NetworkICE BlackICE Defender you can block attackers IP’s
that Snort logged)
- Integrated log viewer (supports text files, XML and HTML/webpages)
- Program execution if an attack was detected
- Test configuration feature: fast testing of your IDS configuration
- Snort configuration wizard (variables, preprocessor plugins, output plugins,
- SnortSnarf Perl program to take files of alerts
from the free Snort Intrusion Detection System , and produce HTML output
intended for diagnostic inspection and tracking down problems.
- Short Whitepapers / Documentation
- About Snort
- Deploying Snort
- IDS Installation with Mandrake 8.2, Snort, Webmin, Roxen
Webserver, ACID, MySQL
- Network Intrusion Detection Using Snort
- Snort 2.0 : Detection Revisited
- Snort documentation
- Step-by-step instructions to install snort & acid on red hat
8.0
- Using Snort
for distributed intrusion detection
- About Snort
- Windows version (including XP)