freebsd-ports/security/acid/pkg-descr

ACID is a PHP-based analysis engine to search and process a database of 
security incidents generated by the NDIS Snort.  The features currently
include:

 - Search interface for finding alerts matching practically any criteria.
   This includes arrival time, signature time, source/dest address/port,
   flags, payload, etc.  Furthermore, these queries can be made arbitrarily
   complex to satsify almost any parameters.

 - Statistics:
     - % of traffic for each protocol
     - Alerts: # of src/dst IP, last/first arrival time
     - Graph # of arrived alert over a period of time
     - last x-number of alerts by protocol

 - All features are provided in real-time 

WWW: http://www.cert.org/kb/acid/
Add acid to our ports tree. (not out, sorry) This is acid v0.9.4, Analysis Console for Intrusion Databases (ACID) with Snort and MySQL. Before someone complain about it, I need to say portlint doesn't like this port so much. That's because the naming rule of DISTFILES(from the author) has a bad style. ACID needs snort 1.6.3(maybe higher) and php3/mysql, we are waitng for upgrading the development version of snort to make this port happy. Submitted by: Yen-Ming Chen <yenming.chen@foundstone.com> 2000-09-25 22:58:04 -04:00			`ACID is a PHP-based analysis engine to search and process a database of`
			`security incidents generated by the NDIS Snort. The features currently`
			`include:`

			`- Search interface for finding alerts matching practically any criteria.`
			`This includes arrival time, signature time, source/dest address/port,`
			`flags, payload, etc. Furthermore, these queries can be made arbitrarily`
			`complex to satsify almost any parameters.`

			`- Statistics:`
			`- % of traffic for each protocol`
			`- Alerts: # of src/dst IP, last/first arrival time`
			`- Graph # of arrived alert over a period of time`
			`- last x-number of alerts by protocol`

			`- All features are provided in real-time`

			`WWW: http://www.cert.org/kb/acid/`