AW: [Snort-users] Automating Sensor Installation

Poppi, Sandro Sandro.Poppi at ...3316...
Mon May 20 07:35:02 EDT 2002


> 
> On Sun, 19 May 2002, Darren Young wrote:
> 
> > I've been in the market for a while for a dedicated
> > Linux sensor distro but have not found one.
> 
> <snip>
> 
> >
> > What other distros are fairly simple to automate? I've
> > done RedHat before, but I really don't want all their
> > crap on a sensor. Just a really plain and simple
> > release.
> 
> Darren,
> 
> I would look more closely at RedHat's kickstart facility.  It's fairly
> trivial to kickstart a RH box with say, the 2.4.18 kernel, 
> snort, acid,
> and postgresql/mysql.
> 
> You can add in customized shell scripts as part of the post 
> install.  We
> use this to setup the networking scripts, routing tables, 
> ips, and such.
> 
I do sensor installation the same way using RedHat kickstart on the same
type of hardware: One default config and you have all new sensors up and
running in less than 30 minutes. I also incorporate any RH updates and
Bastille-Linux and all other tasks to harden the sensor.

So ling,
Sandro




More information about the Snort-users mailing list