Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Hogger - bringing nmap & Snort together
From: "Crook, Parker" <Parker_Crook () reyrey com>
Date: Thu, 11 Mar 2010 10:05:06 -0500

To all you nmappers out there that may or may not be using Snort, I wanted to let you know that there is a new tool 
that I whipped up to parse nmap scan files for digestion by Snort:



Hogger is a tool written in perl that generates a host-attribute table for Snort.  It parses the output of an nmap 
scan, and creates a properly formatted XML file readable by Snort for easy preprocessor tuning.  Hogger can run on most 
platforms that can run perl scripts.  For more information on Hogger, check out JJ Cumming's blog post 
http://global-security.blogspot.com/2010/02/hogging-snort-host-attribute-table.html



If you choose to check it out, currently the parsing logic can't handle hosts with DNS resolution, so make sure to use 
the -n switch with nmap.



Check out Hogger at http://code.google.com/p/hogger/



Thanks,

Parker Crook

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
  • Hogger - bringing nmap & Snort together Crook, Parker (Mar 12)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]