[Snort-users] Distro of choice

JJ Cummings cummingsj at ...11827...
Tue May 4 12:56:27 EDT 2010


I don't know if it will work, but there are SO rules for FBSD 8.0 (still
i386) but maybe worth a try..

JJC

On Tue, May 4, 2010 at 10:26 AM, Galley, Daniel
<dgalley at ...14803...>wrote:

> Joel,
>
>
>
> Any plans to precompile for FreeBSD-8 x64?  I just tried the FreeBSD-7 i386
> rules and, of course, no dice.
>
>
>
>
>
> *Daniel S. Galley*
>
> *From:* Joel Esler [mailto:jesler at ...1935...]
> *Sent:* Tuesday, May 04, 2010 8:22 AM
> *To:* Paul Schmehl
> *Cc:* snort-users at lists.sourceforge.net
> *Subject:* Re: [Snort-users] Distro of choice
>
>
>
> Just let me echo what Nick just said.  Shared Object rules don't work on
> Windows.
>
>
>
> If you are using Snort on Windows i'd encourage you to move off if
> possible.
>
>
>
> J
>
> On Tue, May 4, 2010 at 10:29 AM, Paul Schmehl <pschmehl_lists at ...14358...>
> wrote:
>
> The best OS for Snort is the one you know the most about.  In depth
> knowledge
> of the OS allows you to concentrate on what matters - the snort processes -
> and
> ensures that you will likely secure the box sufficiently to protect it from
> attack.
>
> --On Monday, May 03, 2010 23:27:54 -0400 BrainStomp Snort
>
> <snort at ...14862...> wrote:
>
> > So before I start - yes I know that I'll probably get 10 different
> answers;
> > yet I have to ask just the same.
> >
> > What is the current distro of choice for deployment of snort?
> >
> > My sensors are getting long on the tooth (5 years old) running on Pentium
> D
> > processors and 1 gig of RAM and it is time to upgrade. So I have a nice
> new
> > set coming but I haven't settled on what distro to use for the deployment
> of
> > the sensors.
> >
> > I'll need to run the basic stuff (snort, apache, php, base, mysql)
> >
> > right now I'm using Slackware but I'm comfortable with any linux distro.
> I'm
> > just trying to find out what would be best for snort.
> >
> > Thanks
> >
>
>
> --
> Paul Schmehl, Senior Infosec Analyst
> As if it wasn't already obvious, my opinions
> are my own and not those of my employer.
> *******************************************
> "It is as useless to argue with those who have
> renounced the use of reason as to administer
> medication to the dead." Thomas Jefferson
>
>
>
>
> ------------------------------------------------------------------------------
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20100504/898c03fd/attachment.html>


More information about the Snort-users mailing list