Snort and ModSec2Sguil

I know I haven't been posting in my blog for quite some time; there are lots of things on my mind that I have to get done. However, for those who are Snort lovers, Snort 2.6.1 beta2 has already been out for quite some time, and I just noticed it. Lots of decoders have been added to solve the detection issue. I hope I can spare the time to test those preprocessors, but this is not the case; maybe next month or when Snort 2.6.1 is released.

For Sguil Lovers, check out -

Mod_Security logs can now be managed and analyzed through Sguil, thanks to Victorj, who has written ModSec2Sguil. I hope it will be added as an extra feature for Sguil. This is good news for serious and heavy users of Mod_Security. You can have a centralized center to perform analysis on Mod_Sec logs now.

I will try my best to write more about NSM stuff when I have time. Currently I'm still testing OpenBSD PF layer 2 filtering stuff, and hopefully I can blog about it when I have time.

Cheers :]

