Update of "NSM Dino"

Overview

Artifact ID: be9828b28912b0170459196a9239ef9446332871
Page Name: NSM Dino
Date: 2010-12-02 04:23:58
Original User: dvessey
Parent: e0e05fced5fdb073f4b2d81fba77143c51a23168
Content

Introduction

The goal of this project is to provide a distributed workspace for NSM analysis and development.

This project grew out of various ideas for the 'king' of NSM tools: something flexible enough to help analyze many kinds of data, everything from raw packet data to summary metadata. SIEMs and SQL databases already exist and do this well-ish.

What I really wanted was somewhere to save small scripts, modifications to open source code, and Snort signatures (an SCM-like tool) AND somewhere to record notes (something like a wiki...). It also helps if it supports distributed operation, because lots of NSM and incident response analysis takes place on segregated networks, while lots of development can take place on open networks in collaboration with others. So, a distributed SCM like Fossil fits the bill.

Check out the Fossil book for much more information!

NSM Dino Links

NSM Dino Standards - As this is going to be a distributed project, there have to be standards for how information is organized within the wiki and how things are named within the directory structure.

Projects - Don't get put off by the word project - it's merely meant to be a collection of "stable" scripts developed and ready to be shared.

People - Each contributor has their own wiki space to document their own projects, use as a blog, keep analysis notes, etc.

Notes & How To's - Section of the wiki to collect notes/how to's for conducting analysis.