SNEZ Copyright (C) 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018 Gene Guinter
SNEZ is free software: you can redistribute
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
SNEZ is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see http://www.gnu.org/licenses/.
Do not allow SNEZ to be accessed from the Internet or an untrusted or insecure network.
SNEZ is a web interface to the popular open source Intrusion Detection System SNORT(R). The main design
feature of SNEZ is the ability to filter and classify alerts. SNORT(R) is a registered trademark of Sourcefire, Inc. All rights reserved.
- Filter alerts on a combination of signature, date, IP addresses, and sensor
- Filters can be used to classify alerts; filters are sortable and comments can be edited
- Can set up alerts on various combinations of alerts, addresses, etc. as 'warnings'
- Analysis view of source addresses for most signatures, events, destination ports
- All code server side PHP, easy installation with one simple config file and page
- Uses snort db directly
- Monitor up/down status of snort and barnyard2 processes
- Packet display and the ability to do a short real-time packet dump
- All activity related to filtering and deleting alerts logged
- Dismissed alerts can be retrieved by overriding filters
- DNS lookup with cut/paste to your favorite DNS lookup site (configurable)
- Configurable page performance and security parameters
- Runs on FreeBSD in addition to many Linux distributions including Ubuntu and CentOS
Most current version is SNEZ 2.0.1
SNEZ on Sourceforge: see screenshots; download software, README, and documentation.
Other versions available for download: SNEZ 1.15
Bleeding Edge version: Nothing in the works, but pre-release builds will be stored in the Bleeding Edge folder.
SNEZ Bleeding Edge on Sourceforge
Information about the GNU General Public License can be found at http://www.gnu.org/licenses/
Send comments and inquiries to email@example.com
SECURITY, REQUIREMENTS and PRE-REQS
- While SNEZ is tested with web vulnerability scanners, do not allow SNEZ to be accessed from the Internet or an untrusted or insecure network.
- Snort, Apache, MySQL, PHP.
- When configuring Snort, output type must be MySQL or barnyard2 to MySQL.
README and Installation Instructions on Sourceforge