Printable View
I agree 100%. This is more for people having difficulties in putting together all pieces needed or for "lazy" people or for people who don't want to learn and just want to maintain some kind of IPS/IDS, and I'm sure there are some..........Quote:
Originally Posted by streaker69
prelude also looks like a useful IDS, just came across it on a google
I just got done installing and configuring Snort/Base/NTop on my home xubuntu firewall. I have yet to tune the rulesets so I have its IP blocking features turned off as it gets false positives fairly regularly. These helped me get through installation.
[all variants] Intrusion Detection - Ubuntu Forums
http://assets.sourcefire.com/snort/s...se_Minimal.pdf
As for Security Onion I tried it out in VMware and it looks pretty cool.
I don't know, sometimes its nice to have all the tools and features you want already installed and configured on a distro *cough* backtrack *cough* :-)
Snort used to be included by default as a package in BT. It's been packaged however, so check the aptitude repo (although installing from source = highly recommended).Quote:
Originally Posted by Revelati
Keep in mind BT is an 'offensive' OS, not defensive.