[Snort-users] Questions about Eagle X v2.0

LucAdmin info at ...2282...
Thu Jun 19 09:50:07 EDT 2003


Hi.

Ok I tried this out and it's very nice, one of the fastest installs of Snort
on a windows machine I've seen...except for some questions I have:

- Are the config settings backed up? (Mysql, snort, php, etc)  If yes, where
are they backed up?  If no, this would be a nice thing to centralize.
(My guess is it simply overwrites them without consequence in the individual
storage locations.)
- It does not request an installation point, and dumped everything in my C:\
directory where I will have to move it.
(This is a very bad design flaw, since some of us may want to install it
redundantly for testing purposes)
- Changes to IDSCenter, do not take permanent affect (IE: IP ADDRESS OF
DYNAMIC HOST) which then causes silly errors in IDSCenter. (Page not found,
host not found, etc.), this seems to be due to eagle config vs. snort config
via idscenter.  Should one rerun the eagle config?
- It does not seem to understand what 'localhost' or 127.0.0.1 is. (Not sure
about this one, could have been a server issue, but loopback did work)
- How does one upgrade one application (IE: PHP) without uninstalling and
reinstalling everything?

Also Preprocessor2-ignorehosts does not seem to work (snort FATAL
ERROR)....any idea's?

At the very least the next version should ask you where you want to install
=)

Otherwise a great step forward in snort on windows tools, great work!

James Friesen
CIO
Lucretia Enterprises
info at ...2282...

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Ueli
Kistler
Sent: Monday, June 16, 2003 6:14 AM
To: snort-users at lists.sourceforge.net;
snort-announce at lists.sourceforge.net; Focus IDS
Subject: [Snort-users] ANNOUNCEMENT: Eagle X v2.0 available on
http://www.engagesecurity.com


Hello

Eagle X v2.0, a pre-configured IDS system for Windows platform, is out
on http://www.engagesecurity.com.
It includes free software and a configuration tool will help you to
adapt it to your host/network environment very easily.

Product page: http://www.engagesecurity.com/products/idscenter
Download: http.//www.engagesecurity.com/downloads

What's new compared to Eagle X 1 ?

Snort 2.0 is used and PHP was updated to 4.3.2, IDScenter 1.1 RC3 is
included also. Snort is still installed as Windows service and IDScenter
is used
to manage and configure it. Online update feature is activated by
default using Oinkmaster from Andreas Östling.

IDScenter 1.1 RC3 has now an threaded AlertMail function and can also
send reports from the database server:
you only have to provide the queries in your template mail message or
use the standard SQL queries of IDScenter.
The HTML output can also be generated locally to a file using a
template. The viewer can be choosed of course (Internal log viewer /
Standard browser / Other browser software).

Software included (Credits are give online on
http://www.engagesecurity/products/eaglex)
Snort 2.01 Build 88
IDScenter 1.1 RC3
Apache 1.2.27
PHP 4.3.2
MySQL 3.23.55
ACID 0.9.6b23
JPGraph 1.9.1
Oinkmaster 0.8 Win32 (modificated, Original script by Andreas Östling)
WinPCAP 3.0 final


----------------------------------------------------------------------------
---
Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the
world's premier technical IT security event! 10 tracks, 15 training
sessions,
1,800 delegates from 30 nations including all of the top experts, from CSO's
to
"underground" security specialists.  See for yourself what the buzz is
about!
Early-bird registration ends July 3.  This event will sell out.
www.blackhat.com
----------------------------------------------------------------------------
---


-------------------------------------------------------
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list






More information about the Snort-users mailing list