Commit message (Expand) | Author | Age | Files | Lines |
---|
ACID is a PHP-based analysis engine to search and process a database of security incidents generated by the NDIS Snort. The features currently include: - Search interface for finding alerts matching practically any criteria. This includes arrival time, signature time, source/dest address/port, flags, payload, etc. Furthermore, these queries can be made arbitrarily complex to satsify almost any parameters. - Statistics: - % of traffic for each protocol - Alerts: # of src/dst IP, last/first arrival time - Graph # of arrived alert over a period of time - last x-number of alerts by protocol - All features are provided in real-time WWW: http://www.cert.org/kb/acid/ repository'/>