|reply to Sparrow |
Re: Nachi the new champion bad boy
You might want to look into DeepSight at Symantec which my partner and myself designed and built while at SecurityFocus (my partner stayed on so now he is a Symantec kind of guy ). There is a free component that you can join (see »aris.securityfocus.com ) and there are all sorts of global reports and analysis available(most are in the $ side however, but still there is a lot that is free). The idea is you send your IDS logs (supported systems here »analyzer.symantec.com/requirements.asp ) to DeepSight and you can use DeepSight to create all sorts of reports and such.
»www.SonicLogger.com - Logging Software for SonicWall and 3Comhttp://www.LinkLogger.com - Logging Software for Linksys, Netgear and Zyxel