AW: [Snort-users] Automating Sensor Installation
Sandro.Poppi at ...3316...
Mon May 20 07:35:02 EDT 2002
> On Sun, 19 May 2002, Darren Young wrote:
> > I've been in the market for a while for a dedicated
> > Linux sensor distro but have not found one.
> > What other distros are fairly simple to automate? I've
> > done RedHat before, but I really don't want all their
> > crap on a sensor. Just a really plain and simple
> > release.
> I would look more closely at RedHat's kickstart facility. It's fairly
> trivial to kickstart a RH box with say, the 2.4.18 kernel,
> snort, acid,
> and postgresql/mysql.
> You can add in customized shell scripts as part of the post
> install. We
> use this to setup the networking scripts, routing tables,
> ips, and such.
I do sensor installation the same way using RedHat kickstart on the same
type of hardware: One default config and you have all new sensors up and
running in less than 30 minutes. I also incorporate any RH updates and
Bastille-Linux and all other tasks to harden the sensor.
More information about the Snort-users