[Snort-users] Snort project update
michael at ...3137...
Wed Oct 3 00:29:02 EDT 2001
On Wed, Oct 03, 2001 at 01:11:32AM -0400, Martin Roesch wrote:
> As for OS selection, use what you like. When we implement Data
> Acquisition Plugins in Snort 2.0 this may become more of a factor, but
> for now I'm hearing about a lot of people seeing a lot of success using
> Snort on Solaris, Linux, *BSD and Windows 2000. Personally, I develop
> Snort on FreeBSD and Sourcefire uses OpenBSD for our sensor appliance
> OS, but I've been hearing some good things about the RedHat Turbo Packet
> interface (which would require mods for Snort to use, not to mention my
> general objection to RedHat's breaking stuff all the time).

I have got some patches for snort that use the REDIce Linux kernel (a
realtime Linux kernel) from REDSonic Inc. (http://www.redsonic.com).
The kernel mod is not open source, but I wonder if these patches
would be interesting for you? I haven't been able to put the work
to a real test yet, basically because my lab network is quite limited.

There is no such thing as a system that is secure out of the box.
Tim [Timothy M. Mullen, CIO of AnchorIS.Com] claimed earlier this
morning that he had found one at WalMart the other day that was
secure out of the box, but as it turns out that was a Nintendo.
-- Jesper M Johansson, Ph.D. Assistant Professor of Information
Systems at Boston University - during a SANS audio broadcast