'[Snort-announce] ANNOUNCEMENT: IDScenter 1.1 RC3 released on www.engagesecurity.com'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       snort-announce
Subject:    [Snort-announce] ANNOUNCEMENT: IDScenter 1.1 RC3 released on www.engagesecurity.com
From:       Ueli Kistler <iuk () gmx ! ch>
Date:       2003-06-16 12:14:12
[Download RAW message or body]

Hello

i'm glad to announce the release of IDScenter 1.1 RC3 and the new
website http://www.engagesecurity.com.
Note that www.packx.net is not updated anymore.

Product page: http://www.engagesecurity.com/products/idscenter
Download: http.//www.engagesecurity.com/downloads

Description: IDScenter is a front-end for Snort intrusion detection 
systems www.snort.org)

Platform: Windows 9x/Me/NT/2K/XP
Version: 1.1 RC3

Author: U. Kistler

Features:

    * Snort 2.0, 1.9, 1.8 and1.7 support
      o easy access to all settings
      o Interface listing using WinPCAP
      o inline configuration support (options in configuration file
      instead of command-line parameters, if available)
    * Snort service mode support
      o IDScenter takes over control of the Snort service
    * Snort configuration wizard
      o Variables
      o Preprocessor plugins
      o Output plugins (Syslog output plugin configuration for Snort 2.x
      and Snort 1.9.x supported!)
      o Rulesets
    * Online updates of IDS rules: IDScenter integrates a http client
      and starts an update script on demand
      o Full configuration frontend for Andreas Östlings Oinkmaster perl
      script
      o custom interval for update checks
    * Ruleset editor: supports all Snort 2.0 rule options
      o Easily modify your rules
      o Sort rules based on source IP, port, etc.
      o Import rules from files or websites into existant rulesets
    * HTML report from SQL backend
      o IDScenter can generate HTML output from your SQL database
      o Custom HTML template
      o Decoding of TCP Flags and more, Hex/Base 64 payload decoding,
      mutli-threaded DNS resolving possibility
    * Alert notification via e-mail, alarm sound or only visual notification
      o Threaded e-mail sending with custom send interval
      o SQL queries can be included in an AlertMail message, which are
      processed on demand (see above)
      o Possibilty to send the last # lines of your Snort log
      o Notification of attack is also possible with Snort logging to MySQL
      o Add attachments (e.x. the current process list generated by
      another program)
    * AutoBlock plugins: write your own plugins (DLL) for your firewall
      o ISS NetworkICE BlackICE Defender plugin included (possibility to
      block IP's, TCP and UDP ports, ICMP packets, set block duration)
      o Delphi framework included for fast writing new plugins for other
      firewalls
      o Test configuration feature: fast testing of your IDS
      configuration (Snort rule syntax checking etc.)
    * Monitoring:
      o Alert file monitoring (up to 10 files)
      o MySQL alert detection: allows centralized monitoring of all
      Snort sensors
    * Log rotation (compressed archiving of log files)
      o Backup your logfiles automatically, set log rotation period
      (day, week, month, interval)
    * Global event logging
      o Log events such AlertMail sending, Log rotation, Online updates,
      etc.
    * Integrated log viewer
      o Log file viewer
      o XML log file viewer
      o HTML/website viewer (support for ACID, SnortSnarf, HTML ouput
      generated using IDScenter's report template page etc.)
      o CVE search and WHOIS lookups
    * Program execution possible if an attack was detected

Requirements:

    * Snort 2.x (recommended)
    * WinPCAP 2.3 or higher

Regards,
    Ueli Kistler
    u.kistler@engagesecurity.com
    www.engagesecurity.com

--



-------------------------------------------------------------------------------
Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the 
world's premier technical IT security event! 10 tracks, 15 training sessions, 
1,800 delegates from 30 nations including all of the top experts, from CSO's to 
"underground" security specialists.  See for yourself what the buzz is about!  
Early-bird registration ends July 3.  This event will sell out. www.blackhat.com
-------------------------------------------------------------------------------


-------------------------------------------------------
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
_______________________________________________
Snort-announce mailing list
Snort-announce@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-announce

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic