RazorBack is a log analysis program that interfaces with the SNORT open source Intrusion Detection System to provide real time visual notification when an intrusion signature has been detected on the network. Snort should be configured to send data to syslog for razorback to display the data.
RazorBack is designed to work within the GNOME framework on Unix platforms.
RazorBack is an open source tool, available under the terms of the GNU Public Licence. InterSect Alliance welcome contributions from other authors, and thank Tomas Junnonen, creator of the FireStarter tool, as provider of the initial code skeleton.
· SNORT 1.8+
What's New in This Release:
· Rewrite under arjuna IDE, including a new glade-based interface.
· Now operates of /var/log/snort/alert, rather than syslog, and detects and reacts to log file rotations.