Download HenWen for Mac - Network security package runs Snort. MacUpdate.com

HenWen 2.1.2

Your rating: Now say why...

(4) 4.75

Network security package runs Snort. Free

Add to my Watch List
Email me when discounted

Download Now
1.75 MB
Visit Developer's Site
Nick Zitzmann

What's New

Version 2.1.2:

Restored compatibility with Mac OS X 10.2.x.
Fixed a problem which made it impossible to edit variables and rules under Mac OS X 10.4.x.
The "Launch Snort as a startup item" menu item works again under Mac OS X 10.4.x.

Requirements
PPC, Mac OS X 10.2 or later.

Mocha

+2
Free

Monitors your network, warns of ...
Snort

+1
Free

Network intrusion detection ...

HenWen User Discussion (Write a Review)

ver. 2.x:

(4)

Your rating: Now say why...

Overall:

(5)

sort: smiles | time

Name reviewed on 13 May 2006

This is the best firewall, intrusion detection and handling as well as notification and logging tool for the Mac OS X. It has more features and more flexible features as NetBarrier from Intego software. It is free and based on a strong development behind Snort, it uses rules update feature, database logging, notification system, menubar item for quick access, and this is now very important: A 73 pages documentation with great explanations in every cases written in a non-geeky language. This my indispensable security solution for my internet and network activity.

I can only strongly encourage to use this system, I my self am a developer, and traditional Macintosh user since Mac OS 7.

This tremendous work beats all commercial products with it's community and software development as well as support. It should win the Apple Design Award.

[Version 2.1.2]

-4

Anonymous reviewed on 25 Apr 2005

GEEZ,
If I wanted all this garbage taking up valuable recources I would switch back to my full of security holes M$ XP machine which had AV ASW ATW ACB HOST FW DFW Cleaner DASW running which a hem never fixed corrected or really protected me any of those issues. Get real!

[Version 2.1.1]

3 Replies

Anonymous commented on 27 Apr 2005

So, umm... have you actually tried to use this and see if it will work (and how much it might or might not bog down your system)... or are you just complaining because your Windows setup didn't work the way you wanted it to work?

Anonymous commented on 20 Jun 2005

Obviously you haven't a clue what this is for. If you run your own server and don't want to shell out big bucks, Snort is a very potent intrusion detection system (you DO know HenWen is a front end for Snort, right? You DO know that Snort is a cross platform tool that this developer has kindly made a simple (i.e. something even a clueless individual... ahem... could configure) interface to, right?).

You will probably never have any issues a la intrusion but Snort exists to give web admins peace of mind (as well as a tool to track those bad guys who DO try to screw with you).

Anonymous commented on 04 Oct 2005

Silly grownups, NIDS is for KIDS! Morons need not apply.

Anonymous reviewed on 30 Dec 2003

I can't seem to get letterstick to open in 10.3.2. I get a message saying error2 'either you're not logged in as administrator or you don't have NIDS running'. How do I know if NIDS 'SNORT' is running? When in HENWEN, I click in the menu bar to run NIDS. It comes back and says successful. What can I be doing wrong?

[Version 2.0.4]

1 Reply

Anonymous commented on 15 Jul 2005

You might try opening a terminal and do a ps -aux |grep snort or just type "top" and look for the process.

Anonymous reviewed on 07 Oct 2003

Thanx anon for the answers to most of my questions. Thanks for the tip on nMapFE - very cool tool. I'm not in the expert league and did not find the snort documentation that easy to understand - especially configuring the "network" tab - thats MY problem ofcourse!

Anyway - I am on an Airport network with an IP like 10.0.1.20. Having setup Henwen(and letterstick) to run on en1 (would not accept en0,en1) - I tried to use nMapFE on that IP - but got no alerts! Can I not run the scan from the same computer?
Thanks!

[Version 2.0.1]

Anonymous reviewed on 02 Oct 2003

alexmathew:

1. quitting HenWen does _not_ stop Snort. you can start/stop it from within HenWen, though

2. the logs are placed in /var/logs/snort/

3. that's ok. if there haven't been alerts, there isn't an alert log :)

4. you can use a port scanner/sniffer like NmapFE on your own IP

5. en0 is your primary ethernet card (built-in ethernet). if you use airport to connect to the internet, you must configure HenWen to en1 (typically), for modem ppp0 .... etc.

Also: To have LetterStick alert you, you must configure snort output to 'Log alerts to a Unix socket'

RTFM! - You should really read the (excellent!) documentation :)

[Version 2.0.1]

Anonymous reviewed on 30 Sep 2003

The interface (and price) looks good.
However:
1. When I quit HenWen, is NDIS and Snort still running?
2. Where are the logs placed? How can I see it from within HenWen?
3. With LetterStick installed, I still cannot see Snorts Alert Log (I have had no alerts) - it opens a terminal, asks for my password and then nothing. Is this OK?
4. How can I test HenWen ?
5. I get these messages in console - is this Ok or is there a problem?:

OpenPcap() device en0 network lookup: en0: no IPv4 address assigned

HenWen[1854] *** -[NSCFArray objectAtIndex:]: index (-1) beyond bounds (2)

Any information is appreciated.

[Version 2.0.1]

Anonymous reviewed on 26 Sep 2003

A very well designed front end of Snort and more!

A full-fledged Intrusion Detection System which is easy to use and highly configurable.

And it is free for personal use!

The LetterStick application is a great addition, although the colorful icon is a bit disturbing in the menu bar. Still better than having it in the dock, though :)

Maybe a black&white option, soon?

Also, it would be nice if there was an installer for the log rotation feature.

[Version 2.0]

Anonymous reviewed on 07 Aug 2003

one of the best icons for an app i have seen!

oh. cool app too :)

[Version 2.0]

Anonymous reviewed on 23 Apr 2003

Awsume GUI to snort!

[Version 2.0]

Anonymous reviewed on 21 Jun 2002

A must-have package for every mac serving on the internet, an even users with permanent connections. Easy to use and understand. Includes the snort inside, along the rules, manuals, etc... an all in one package for detection of network intrussions.

[Version 1.0.1]

There are currently no troubleshooting comments. If you are experiencing a problem with this app, please post a comment.

There are currently no ratings. Write a comment or review now.

Downloads:18,207

Version Downloads:6,612

Type:Utilities : Security

License:Free

Date:20 Jun 2005

Platform:PPC

Price:Free

Overall (Version 2.x):

Features:

Ease of Use:

Value:

Stability:

Displaying 1-10 of 10

Please login or create a new
MacUpdate Member account
to use this feature

Watch Lists are available to
MacUpdate Desktop Members
Upgrade Now

Download and auto-install
using MacUpdate Desktop. Save
time moving folders and cleaning-up.

HenWen is a network security package for Mac OS X that makes it easy to configure and run Snort, a free Network Intrusion Detection System (NIDS). HenWen's goal is to simplify setting up and maintaining software that will scan network traffic for undesirable traffic a firewall may not block. Everything you need to have is bundled in; there is no compiling or command line use necessary.

A NIDS has a number of practical uses on a network. For people that use Mac OS X Server or otherwise provide network services with their Macs, a NIDS will inform the administrator that someone from a specific place on the network is trying to scan the server for possible vulnerabilities, or try to compromise security. A NIDS can also scan the network for bad TCP or ICMP traffic, or traffic that suggests someone on the network (or the local computer) is trying to do something that the network administrator does not want them doing (ie. trading pirated software or using software they're not supposed to be using). While a NIDS is mainly used by network administrators, a NIDS is also a useful thing for home users to have as well, especially for home users who are always connected to the Internet and/or have a home network installed.

Add/Update Listing About MacUpdate Desktop Career Opportunities RSS Twitter Facebook Advertise Sitemap