Description du projet

PortscanGeoinfo is a plugin for the powerful Prelude correlation engine. Prelude is a universal security information management (SIM) system (www.prelude-technologies.com). Prelude-Correlator allows one to conduct multistream correlations with a powerful programming language for writing correlation rules. This plugin correlates alerts from Snort NIDS and OSSEC HIDS sensors regarding portscans. Geographical information (GeoIP) of the scanning host is included in the correlated alert.

Évaluation
Votre évaluation
Votre avis sur ce projet