I wanted to drop by and announce a tool that I developed for Backtrack called Autosnort.
As the name implies, it is related snort, the open-source IDS/IPS software used the world over. The goal of the tool/script is simple: to update the version of snort on Backtrack. By default, BT5r3 ships with snort 126.96.36.199, which is now over two years old, and no longer supported by the snort community, meaning no new rules and no fixes if you come across bugs. This simple script grants you the option of removing the current snort installation, and updating the version of snort installed to the current stable release available on snort.org.
The script is a standard bash script, is entirely free, open source and released under the MIT license. While it isn't the most exciting thing in the world and certainly isn't the most leet, an updated version of snort can help security researchers in traffic analysis, as well as hackers around the world during the many and varied CTF competitions that require fast and accurate threat detection.
Some may wonder why didn't I just submit a ticket for the distro maintainers to include an updated version of snort in the backtrack repos. Well, because I believe that's more of a stopgap measure than it is a permanent solution. Let's say that I do that and that distro maintainers agree to make it a part of the currently supported releases and/or the next backtrack release, we'll still run into the same problem - the version in the repos is static, the versions available via snort.org are constantly changing and improving and before you know it, the version in the repos is EOL'd again. This script provides the user the ability to update the version of snort available on their system when and if they feel like it without bothering the distro maintainers who likely have numerous other bugs and/or issues to look after that are higher priority. Problem solved. Forever.
If you are interested, here is the github repo for the scripts (I support CentOS and Ubuntu as well currently.), Here is the blog I threw together for announcements/updates in functionality. Contact information is available in the either the readme or the blog link.
p.s.: thanks to the backtrack forum moderators for allowing me to post this.
Last edited by da667; 11-14-2012 at 06:08 PM. Reason: I no speel gud.(grammer) also, wanted to link to my blog for news and other updates.