Snort Rules checked by dumbpig

Writing custom Snort rules and what to check if they are correct? ..up to a certain point.
Well dumbpig [1] by Leon Ward is what you are after. For a good example check out VRT Sourcefire’s blog entry [2].

…while you are at it have a look at Snoge [3] “Take your Snort or Sourcefire IPS events and place them onto Google Earth.”.

Links Used:

[1] – dumbpig – http://leonward.wordpress.com/dumbpig/

[2] – Syntax Checking your Snort Rules – http://vrt-sourcefire.blogspot.com/2009/08/syntax-checking-your-snort-rules.html

[3] – snoge – http://code.google.com/p/snoge/

This entry was posted in Uncategorized. Bookmark the permalink.

One Response to Snort Rules checked by dumbpig

  1. Avik says:

    I have checked the algorithm and its a convenient method to add the events on to Google earth.

Leave a Reply

Your email address will not be published. Required fields are marked *