909e75a128
Based on a patch sent by Hiramatsu Yoshifumi via PR pkg/21540. Changes: - fix all installed scripts - simplify installation - DESCR has 80 columns - style nits 20021111.1: =========== - alerts with original packet included now have both sets of ports and first set of IPs as links - added -obfuscateip option to change the IP addresses in alerts to randomly (but consistently) chosen alternates (not presently available for database input) - Updated parsing for Snort 1.9.0 full alert files - new-style Spade reports now processed (Spade version 021008.1 and on) - spp_portscan2 log files now processed (these entries are displayed somewhat prettified) - updated linking to ICMP log files; this involved updates for new ICMP header format in Snort 1.9.0 - more robust recognition of non-packet alerts in different formats(these get ignored) - clarified warning about unknown ICMP type text and added repeat warning suppression (you'll now only get a warning about a particular string twice) - SnortSnarf will now ignore lines beginning with '#' between alerts, so you can use that to begin a comment
3 lines
184 B
Text
3 lines
184 B
Text
SnortSnarf is a Perl program to take files of alerts from the free Snort
|
|
Intrusion Detection System, produce HTML output intended for diagnostic
|
|
inspection and tracking down problems.
|