Watch tower is a free-software project designed to bring together IDS and firewalls for a combined security solution. Currently in pre-alpha, the package is initially set to import the XML output from Snort and the syslog output from the FreeBSD firewall software ipfw. This data will be dumped into a PostgreSQL database, which will be front-ended by a GTK GUI application.
This is a mockup of the GUI front end that will be developed to provide a seamless view of the database with the IDS and firewall data. Initially, it will provide two views - a list of events by external IP address, as well as a flat list of alerts. Additional views as front-ends to SQL queries may be added as development progresses into the Alpha stages.
Initial modules have been written to
Here is the first pre-alpha cut of some of the core files for parsing the input from Snort and ipfw. WatchTower.pre_alpha01.tgz cksum: 236328421 6363
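
The ipfw side of the import described above, as an added example (not code from the WatchTower tarball): it parses ipfw syslog lines and builds the two planned views, a flat event list and a grouping by external IP address, in memory rather than in PostgreSQL. The log lines are constructed, and the 192.168.1.0/24 internal network, the function names and the IPv4-only handling are assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample lines in the usual ipfw syslog layout (documentation addresses).
SAMPLE_LOG = """\
Mar  3 10:15:32 gw kernel: ipfw: 500 Deny TCP 203.0.113.5:4312 192.168.1.10:22 in via fxp0
Mar  3 10:15:40 gw kernel: ipfw: 500 Deny TCP 203.0.113.5:4313 192.168.1.10:23 in via fxp0
Mar  3 10:16:02 gw kernel: ipfw: 700 Deny UDP 192.168.1.20:53211 198.51.100.7:161 out via fxp0
Mar  3 10:16:09 gw kernel: ipfw: 900 Deny ICMP:8.0 198.51.100.7 192.168.1.10 in via fxp0
Mar  3 10:16:10 gw sshd[411]: unrelated syslog line
"""

# Assumption: the protected network; any address outside it counts as external.
INTERNAL_NET = ipaddress.ip_network("192.168.1.0/24")

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\s\S+\sipfw:\s"
    r"(?P<rule>\d+)\s(?P<action>\w+)\s(?P<proto>\S+)\s"
    r"(?P<src>\S+)\s(?P<dst>\S+)\s(?P<dir>in|out)\svia\s(?P<iface>\S+)"
)

def parse_line(line):
    """Return an event dict for an ipfw log line, or None for any other line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["rule"] = int(ev["rule"])
    for side in ("src", "dst"):
        host, _, port = ev[side].partition(":")  # ICMP entries carry no port
        ev[side] = ipaddress.ip_address(host)
        ev[side + "_port"] = int(port) if port else None
    # The external peer is whichever endpoint lies outside the protected network.
    ev["external"] = ev["dst"] if ev["src"] in INTERNAL_NET else ev["src"]
    return ev

def load_events(text):
    """Flat view: every firewall event, in log order."""
    return [ev for ev in map(parse_line, text.splitlines()) if ev]

def by_external_ip(events):
    """Grouped view: external address -> list of its events."""
    view = defaultdict(list)
    for ev in events:
        view[str(ev["external"])].append(ev)
    return dict(view)

if __name__ == "__main__":
    for ip, evs in sorted(by_external_ip(load_events(SAMPLE_LOG)).items()):
        print(ip, len(evs), sorted({e["proto"] for e in evs}))
```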