About:
SnortCon is a Web based utility that provides a high-level overview of the threats that a network is facing. SnortCon requires that Snort is logging to a MySQL database. The interface updates at user configurable intervals to show the following information: top/recent attacks, top/recent attackers, number of events over the past {5,15,30,60} minutes, and the current SnortCon. The SnortCon can be three values, HIGH, MEDIUM, OR LOW. It is calculated based on the number of Snort events that have been generated during a pre-defined interval. An attack profile is also displayed in a graphical form for the last 60 minutes and last 24 hours. Recent Attack Detail for the past 30 minutes is also available. The tool is primarily intended to be high-level and not meant to replace detailed analysis tools such as ACID.

Author:
rohan [contact developer]

Rating:	reset 1 2 3 4 5 6 7 8 9 10
(not rated)

Homepage:
http://snortcon.sourceforge.net
Tar/GZ:
http://prdownloads.sourceforge.net/snortcon/snortcon-0.01.tar.gz?download

Trove categories: [change]

[Development Status]		2 - Pre-Alpha
[Environment]		Web Environment
[Intended Audience]		System Administrators
[License]		OSI Approved :: GNU General Public License (GPL)
[Operating System]		OS Independent
[Programming Language]		PHP
[Topic]		Security, System :: Monitoring, System :: Systems Administration

Dependencies: [change]
No dependencies filed