You can find our first post regarding Snorby here. Now, the Snorby Preconfigured Security Applications (SPSA) has been updated to version 1.5.
“The Snorby preconfigured security applications allows effortless use of Snorby for everyone. It is the new and modern Snort IDS front-end. With (SPSA) Snorby Preconfigured Security Applications, it is possible to get Snorby and Snort up and running out of the box within a few minutes.”
This is the change log for SPSA v1.5:
- Email reporting support enabled (Postfix Gmail relay or Snorby standalone mode)
- New Snort start/stop script
- Added Snort 2.8.6.1-1
- Oinkmaster SSL certificates fixed
- Emerging Threats rules fixed
Download Snorby Preconfigured Security Applications v1.5 (SPSA) here.
Tagged as: intrusion detection system, Open source Intrusion Detection System, Snorby, snort
You can find our first post regarding Snorby here. Now, the Snorby Preconfigured Security Applications has been updated to version 1.4.
The Snorby preconfigured security applications allows effortless use of Snorby for everyone. It is the new and modern Snort IDS front-end. With (SPSA) Snorby Preconfigured Security Applications, it is possible to get Snorby and Snort up and running out of the box within a few minutes.
This is the change log for SPSA v1.4:
- Snort 2.8.6 added
- Apache2-ssl support added ( https://ipaddress:8080 )
- Crontab issue fixed
- Webmin removed
- Shellinabox removed
- Turnkey linux configuration console modified
- Snorby installation moved to /var/Snorby
Download Snorby Preconfigured Security Applications v1.4 here.
We all know the greatness of Snort, which has been mentioned many times previously, but primarily here. There are many Snort front ends too! What sets Snorby apart from the others is its simple, yet modern and powerful, web front-end to the Snort IDS. It is a free, open source and highly competitive network monitoring application for both private and enterprise use.
If you are an enterprise user, you can certainly try it in your environment and measure its power. We have tried to list its features. They are:
- Reporting: Snorby will handle the reporting for you! With the ability to export to many popular formats and index security events for fast searching! Currently Snorby supports XML, CSV and PDF export formats.
- Scheduling: With Snorby you can set up reports for the future and be notified via email upon completion. Snorby also creates a daily, weekly and monthly report so you always have a snapshot and documentation.
- Collaboration: Every security event has the ability for comments and notes! This is very useful if you need a reminder or if you wish to delegate the event to a colleague.
- Teammates: Snorby also has a feature called ‘Teammates’ which lets you add contact information of other people and quickly send events to the appropriate parties.
- Organized: Snorby likes to be organized and its workflow will get you there too! With the ability to document and search events you will never misplace important data again!
- Open Source: With a completely open API and with the source at your fingertips the possibilities are endless for customization.
The main reason for us posting about Snorby, in addition to it being a great tool, is the Snorby Virtual Appliance by Mr. Phillip Bailey. He has developed the Snorby virtual appliance and the ISO solution to provide a pre-configured, out-of-the-box Snorby front-end for Snort. The virtual appliance is intended for security professionals with in-depth knowledge of intrusion detection and security monitoring. Nevertheless, beginners can use the appliance to understand and learn about intrusion detection and network security.
The appliance has Ubuntu Server 8.04 JEOS LTS installed along with Snort version 2.8.5.3 and MySQL 5.1.37. It also has a cron job defined to update Snort rules using OinkMaster every day at 21:30, or you can update manually with sudo update snortrules. The latest version released is version 1.3, which can be downloaded here.
As for the non-virtual appliance based Snorby version 1.1.3, you can download it here.