freebsd-ports/security/acid/pkg-descr
Foxfair Hu dea7ae9957 Add acid to our ports tree. (not out, sorry)
This is acid v0.9.4, Analysis Console for Intrusion Databases (ACID) with
Snort and MySQL. Before someone complains about it, I need to say portlint
doesn't like this port so much. That's because the naming rule of
DISTFILES (from the author) has a bad style.

ACID needs snort 1.6.3 (maybe higher) and php3/mysql, we are waiting for
upgrading the development version of snort to make this port happy.

Submitted by: Yen-Ming Chen <yenming.chen@foundstone.com>
2000-09-26 02:58:04 +00:00


ACID is a PHP-based analysis engine to search and process a database of
security incidents generated by the NIDS Snort. The features currently
include:
- Search interface for finding alerts matching practically any criteria.
  This includes arrival time, signature time, source/dest address/port,
  flags, payload, etc. Furthermore, these queries can be made arbitrarily
  complex to satisfy almost any parameters.
- Statistics:
  - % of traffic for each protocol
  - Alerts: # of src/dst IP, last/first arrival time
  - Graph # of arrived alerts over a period of time
  - last x-number of alerts by protocol
- All features are provided in real-time
WWW: http://www.cert.org/kb/acid/