Snort-AI

Portscan-AI (the only AI-preprocessor 100% functional so far) works now for the last version of Snort(TM), 2.8.3.2. Install instructions can be found here. This is the first milestone on the roadmap that has been reached. Now we have to document a lot, so developers can find a comprehensive guide to program stuff for the new Snort (not only AI-based preprocessors). I must say that it was much of a problem to port it, since the old instructions are still valid.

Take into account that etc/snort.conf file had been edited to load only necessary stuff for Snort-AI to work. If you need dynamic preprocessors or anything like that, please add what you consider necessary and refer to its own documentation for more details. Running options are exactly the same as if you were running standard Snort distribution.

License: GPL v2

IDE: Kdevelop 3.5.9 (there's a project file included)

Sources: svn co https://snort-ai.svn.sourceforge.net/svnroot/snort-ai/trunk/snortai-stable

A brand new wiki has been enabled, please check here. We will move progressively all docs there, by now, you can only find documentation about Snort-AI Web Console.

For those out there wondering "what the heck are they doing? we need code!",here is an update. I'm working on a new web console, not only suitable to supportportscan-spp, but any other "analyzer", using a plugin system. This is a screenshot:

It doesn't show too much, but the acual changes have been performed beneath. It's not functional yet, but testing code is under branch/sai-pm svn branch. sai-pm means "Snort-AI Plugin Manager".