Results 11 to 14 of 14

Thread: Any experience with SNORT?

  1. #11
    Member hawaii67's Avatar
    Join Date
    Feb 2006
    Posts
    318

    Quote Originally Posted by streaker69:
    Maybe it's just me, but I enjoy installing things from source. I've found it the best way to learn.
    I agree 100%. This is more for people having difficulties in putting together all the pieces needed, or for "lazy" people, or for people who don't want to learn and just want to maintain some kind of IPS/IDS, and I'm sure there are some...
    Don't eat yellow snow :rolleyes:

  2. #12
    Junior Member SBerry's Avatar
    Join Date
    Dec 2007
    Posts
    94

    Prelude also looks like a useful IDS, just came across it on Google.

  3. #13
    Member
    Join Date
    Sep 2008
    Posts
    146

    I just got done installing and configuring Snort/Base/NTop on my home Xubuntu firewall. I have yet to tune the rulesets, so I have its IP blocking features turned off, as it gets false positives fairly regularly. These helped me get through installation.
    [all variants] Intrusion Detection - Ubuntu Forums
    http://assets.sourcefire.com/snort/s...se_Minimal.pdf

    As for Security Onion I tried it out in VMware and it looks pretty cool.
    I don't know, sometimes it's nice to have all the tools and features you want already installed and configured on a distro *cough* BackTrack *cough* :-)
    Morpheus: "You take the blue pill - the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill - you stay in Wonderland and I show you how deep the rabbit-hole goes."

    Neo: "What if I take both?"

    Morpheus: "Don't do that! You end up like Nick Nolte!"

  4. #14
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Quote Originally Posted by Revelati:
    I
    As for Security Onion I tried it out in VMware and it looks pretty cool.
    I don't know, sometimes it's nice to have all the tools and features you want already installed and configured on a distro *cough* BackTrack *cough* :-)
    Snort used to be included by default as a package in BT. It's been packaged, however, so check the aptitude repo (although installing from source = highly recommended).

    Keep in mind BT is an 'offensive' OS, not defensive.
    dd if=/dev/swc666 of=/dev/wyze
