Use SnortCenter’s easy-to-use web interface to manage your NIDS sensors.

Managing an IDS sensor and keeping track of the alerts it generates can be a daunting task, and even more so when you’re dealing with multiple sensors. One way to unify all your IDS management tasks into a single application is to use SnortCenter (http://users.pandora.be/larc/), a management system for Snort.

SnortCenter is comprised of a web-based console and sensor agents that are run on each machine in your NIDS infrastructure. It lets you unify all of your management and monitoring duties into one program, which can help you get your work done quickly. SnortCenter has its own user authentication scheme, and supports encrypted communication between the web-based management console and the individual sensor agents. This enables you to update multiple sensors with new Snort rules or create new rules of your own and push them to your sensors securely. SnortCenter also allows you to start and stop your sensors remotely through its management interface. To monitor the alerts from your sensors, SnortCenter can integrate with ACID [Hack #83] .

To set up SnortCenter , you’ll first need to install the management console on a web server that has both PHP support and access to a MySQL database server where SnortCenter can store its configuration database. To install the management console, download the distribution from the download page (http://users.pandora.be/larc/download/) and unpack ...