Jhumri Tilayia wrote: >Marcus J Ranum was working on a syslog parser thingie. He wanted to release the source code after the Orlando SANS conference. You may want to check with him since it will be an integral part of the system you are trying to build. Yep. Fargo. Unfortunately, Fargo is dead in the water, about 95% completed. I won't be able to release it, or the HotZone honeypot; the intellectual property is owned by NFR Security and it's not going to belong to me. I am planning on beginning another log parsing project, using a slightly different approach and will be making that code available when it's done - so this is really only a minor setback. I expect to have something ready and posted in the summer time. When I have it ready for beta I'll announce it here. mjr. --- Marcus J. Ranum Computer and communications Security photonerdat_private http://www.ranum.com --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Sat May 04 2002 - 10:40:11 PDT