On Sun, Aug 05, 2007 at 10:13:53PM -0400, Paul Robert Marino wrote:
Yes while this it true and I'm very well familiar with sec due to my active involvment with prelude ids and while I agree it is a very powerfulll tool it does requier perl development effort to have a working implementation which means its not right for people not familiar with perl programing . In addition to my knowlege it was written as a prototype for a correlator engine for prelude ids, and has served its purpose and as such is no longer being activly developed in favor of the correlator which will be released soon. Syslog-mailer is tool which was designed to be simple to implement. Right now all I have to do is the documentation and I will post a release. I'm not saying its the right tool for every one is just easier to implement.
SEC doesn't require perl programming at all. -- Nate "The mind is everything. What you think you become." - Buddha