this tool for redirecting a portion of the detected suspicious traffic to a honeypot machine depending on the priority number at snort alerts.
Java
Switch branches/tags
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
nbproject
src
GPL-LICENSE.txt
README
Screen1.PNG
Screen2.PNG
build.xml
manifest.mf

README

Snort has limited actions same as ( alert, log, drop, etc..) but it doesn't has REDIRECT action,
this tool can redirect the suspicious connections if they were matched with snort rules
which have 'alert' as an action. this will be done by making the user specify a priority
number, so if snort alerted the specified priority number or any higher severity priority
number ( smaller priority number has higher severity ) then the whole traffic of the suspicious
ip will be redirected to a honeypot machine and for this the tool need iptables to be configured.
Remember this tool will consider only snort rules with 'alert' as an action. this tool also
offer a monitoring console for the redirected connections this has been done by implementing tcpdump sniffer.
All this come with friendly graphical user interface.