SNEZ Copyright (C) 2011-2019 Gene Guinter
SNEZ is free software: you can redistribute
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
SNEZ is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see http://www.gnu.org/licenses/.
Do not allow SNEZ to be accessed from the Internet or an untrusted or insecure network.
SNEZ is a web interface to the popular open source Intrusion Detection System SNORT(R). The main design
feature of SNEZ is the ability to filter and classify alerts. SNORT(R) is a registered trademark of Cisco. All rights reserved.
- Filter alerts on a combination of signature, date, IP addresses, and sensor
- Filters can be used to classify alerts; filters are sortable and comments can be edited
- Can set up alerts on various combinations of alerts, addresses, etc. as 'warnings'
- Analysis view of source addresses for most signatures, events, destination ports
- All code is server-side PHP; easy installation with one simple config file and page
- Uses snort db directly
- Monitor up/down status of snort and barnyard2 processes
- Packet display and the ability to do a short real-time packet dump
- All activity related to filtering and deleting alerts logged
- Dismissed alerts can be retrieved by overriding filters
- DNS lookup with cut/paste to your favorite DNS lookup site (configurable)
- Configurable page performance and security parameters
- Runs on FreeBSD in addition to many Linux distributions including Ubuntu and CentOS
Most current version is SNEZ 2.2
SNEZ on Sourceforge: see screenshots; download software, README, and documentation.
Other versions available for download: SNEZ 2.0.1, 2.1
Bleeding Edge version: pre-release Alpha builds for SNEZ 3.0 are stored in the Bleeding Edge folder.
SNEZ 3.0 highlights: works with both unified2 and JSON outputs; works with Snort 2.9.x, Snort 3.0, and Suricata
SNEZ Bleeding Edge on Sourceforge
Information about the GNU General Public License can be found at http://www.gnu.org/licenses/
Send comments and inquiries to firstname.lastname@example.org
SECURITY, REQUIREMENTS and PRE-REQS
- While SNEZ is tested with web vulnerability scanners, do not allow SNEZ to be accessed from the Internet
  or an untrusted or insecure network.
- Snort, Apache, MySQL, PHP.
- When configuring Snort, the output type must be unified2 (use barnyard2 to write to the MySQL db).
README and Installation Instructions on Sourceforge