Hello All,

I've released a new article I've been working on for a bit. Its title is, "Building wireless IDS systems using open source". The idea of this article is to use open source solutions (Snort, Kismet, Sagan, hostapd) to build wireless IDS systems that report back to a unified/single console for threat analysis. It has a bit of a different 'twist' from previous wireless IDS articles. Let me know what you think about it. It can be found at:

http://sagan.softwink.com/papers/wireless-ids

I've also released a new version of Sagan (0.1.7) that supports the Prelude framework. I'm pretty excited about Sagan's Prelude output format. This gives Sagan IDMEF output and can log to a Prelude back end for viewing with Prelude's "Prewikka". Of course, all the standard Sagan to Snort logging (MySQL/PostgreSQL) are still there :)

For more information on Sagan, please check out:

http://sagan.softwink.com

Screen shots of Prelude, Snorby and BASE can be found at:

http://sagan.softwink.com/screenshots.html

--
Champ Clark III | Softwink, Inc | 800-538-9357 x 101
http://www.softwink.com

GPG Key ID: 58A2A58F
Key fingerprint = 7734 2A1C 007D 581E BDF7 6AD5 0F1F 655F 58A2 A58F

If it wasn't for C, we'd be using BASI, PASAL and OBOL.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/