S.L.A.F.F. beta

Announcements of packages that are now released.

Postby snatch » Sat Apr 09, 2005 11:42 am

I have had a play with snort, and liked it so much that i decided to try and find out more about what was going on with the attacks etc. As no mysql logging compiled in, S.L.A.F.F. was born.

I have a static demo at <a href='http://www.tecknow.pwp.blueyonder.co.uk' target='_blank'>SLAFF Demo</a>.

Written in php and mysql as a backend, so you will need apache,snort and cron running.

A few things to tidy up with the code, tcp, udp bars etc.

Is anybody interested?


Snatch :colgate:
User avatar
snatch
Newbie
 
Posts: 3
Joined: Wed Apr 28, 2004 8:02 am
Location: Saltash, Cornwall U.K.

Postby PHBC50 » Sat Apr 09, 2005 12:52 pm

It seems nice...
But does it have any actions in response to the attacks it detects, like snort did ( ie by stealthing ports, blocking ip, etc...) ?
regards,
phbc50
The only way of discovering the limits of the possible is to venture a little way past them into the impossible. (Arthur C Clarke)
User avatar
PHBC50
Junior Advanced Member
 
Posts: 139
Joined: Thu Nov 21, 2002 8:59 pm
Location: France

Postby snatch » Sat Apr 09, 2005 1:09 pm

Slaff just takes the information from the logs that snort ouputs and dumps it into a database, what you see in the demo is just an the snort logs, alerts, portscan.log and snortblock.log.

A php script is called by cron to extract the data.

Hope this helps


Snatch :unsure:
User avatar
snatch
Newbie
 
Posts: 3
Joined: Wed Apr 28, 2004 8:02 am
Location: Saltash, Cornwall U.K.

Postby Guest_xj600 » Fri Jun 17, 2005 12:27 pm

im realy intrested.
But im "almost" a "scriptkiddie" :( so im waiting for a relese.
It would be realy nice to have a easy overveiw of snarf or most preferd snort!
Guest_xj600
 


Return to 3rd Party Package Release Announcements

Who is online

Users browsing this forum: No registered users and 7 guests

cron