Thursday, April 12, 2007
SNX Admin system
This is a tool that I have been working on to admin and control multiple Snort sensors on a network or multiple networks. This one uses Perl to read in file streams and look for potential app bugs. Here is a sample:
---------------
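use strict;
use warnings;

my @toproc = @ARGV;    # assumption: the compressed files to scan are named on the command line

foreach my $fln (@toproc) {
    print "Processing " . $fln . "\n\n";
    # List-form pipe open runs zcat without a shell, so metacharacters in a
    # file name are never interpreted as commands.
    open(my $fh, '-|', 'zcat', '--', $fln) or die "cannot open!!!\n";
    while (my $x = <$fh>) {
        # xxx.xxxx.xxx.xxx and <string> are placeholders for the address and strings to match
        if (($x =~ /xxx.xxxx.xxx.xxx/) || ($x =~ /<string>/) || ($x =~ /<string>/) || ($x =~ /<string>/)) {
            print $x;
        }
    }
    close($fh);
}
print "\nDONE\n";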