lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu, 11 Nov 2010 10:14:15 -0500
From: "Champ Clark III [Softwink]" <champ@...twink.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Building wireless IDS system (article) | Sagan
	with Prelude


	Hello All, 

	I've released a new article I've been working on for a bit.  Its
title is,  "Building wireless IDS systems using open source".   The idea
of this article is to use open source solutions (Snort, Kismet, Sagan, hostapd)
to build wireless IDS systems that report back to a unified/single console
for threat analysis.   It has a bit of a different 'twist' from previous
wireless IDS articles.   Let me know what you think about it.   

It can be found at:

http://sagan.softwink.com/papers/wireless-ids

	I've also released a new version of Sagan (0.1.7) that supports 
the Prelude frame work.  I'm pretty excited about Sagan's Prelude output
format.   This gives Sagan IDMEF output and can log to a Prelude back end for
viewing with Prelude's "Prewikka".    Of course,  all the standard Sagan
to Snort logging (MySQL/PostgreSQL) are still there :)

For more information on Sagan,  please check out:

http://sagan.softwink.com

Screen shots of Prelude,  Snorby and BASE can be found at:

http://sagan.softwink.com/screenshots.html

-- 
        Champ Clark III | Softwink, Inc | 800-538-9357 x 101
                     http://www.softwink.com

GPG Key ID: 58A2A58F
Key fingerprint = 7734 2A1C 007D 581E BDF7  6AD5 0F1F 655F 58A2 A58F
If it wasn't for C, we'd be using BASI, PASAL and OBOL.

Content of type "application/pgp-signature" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ