Welcome to the SnortSMS project

SnortSMS is a web console frontend for multiple Snort based Intrusion Detection Systems (IDS). Combined with common Open Source software technologies such as MySQL, Apache, and PHP, we have put together a highly configurable tool designed to remotely manage, control, and monitor multiple IDS sensors within a NIDS network. We have open sourced the project in hopes that others in the computer intrusion detection and security field may find it as useful as we do.

Project Status

Current Version: 1.7.8 Release [download]

For the most part SnortSMS is complete. However, we have not tested it in a live production environment extensively, nor tested it on other Unix platforms other than our development platform FreeBSD 6.x.

Features

• Centralized Sensor Management - Unify all sensors under one common console interface. Create and share global configuration policies throughout your IDS sensors. Remotely start and stop sensors.
• Barnyard Support - Integrated support for Barnyard including auto-generation of 'sid-msg.map'.
• Health Monitoring - Monitor the statistics and health of all your sensors. Our parallel querying engine returns vital stats from all sensors simultaneously.
• Configuration Verification - Uses MD5 checksums to validate sensor config policies with global configuration settings.
• Rule Importing - Instantly download and import Snort rules and configuration resources into the SnortSMS libraries.
• Rule Auditing - Tracks historical records of past rule revisions.
• Event Browser - Light-weight Snort alert viewer to conveniently research incoming events.

Contact Us

Questions or comments should be directed towards the project support system hosted on SourceForge.Net.