[buug] aris-extractor?
Jon McClintock
jammer at weak.org
Mon Nov 11 15:14:46 PST 2002
Has anyone tried the aris-extractor:
Description: Scan system logs for security incidents and report them to ARIS
The Attack Registry and Intelligence Service (ARIS) is a free,
user-integrated attack-trending system hosted by SecurityFocus that
allows administrators and operators of Intrusion Detection Systems
(IDSs) to track, evaluate and respond to security alerts and attacks
in a proactive manner.

As an integral piece of the ARIS Analyzer service, SecurityFocus's
open-source ARIS Extractor utility distills data provided by IDS
attack-list logs to build client portfolios that provide meaningful,
graphical analysis of potentially malicious network incidents. By
filtering out insignificant or benign data and converting it to a
common format (xml), ARIS Extractor streamlines incident reporting
for both security professionals and home users in a way that allows
IDS operators to focus only on relevant attacks and
incidents. Additionally, ARIS Extractor ensures client
confidentiality through secure file-transfer protocols and optional
IP address suppression.
I'm getting fed up with all these probes on port 137, and would like to
think there's something I can do about it...
-Jon