[Snort-users] Looking for a prebuilt Snort IDS Distro

PR oly562 at ...11827...
Fri Sep 21 12:49:52 EDT 2012


I am starting to see that you can build/roll your own IDS with Snort at
its base. With all the howtos out there, you can pretty much combine them
and build your own special IDS with all the bells and whistles of:

Snort, Barnyard2, PulledPork, snortreports, MySQL/Postgres, Snorby
etc., as long as you put all the paths correctly, and know how to muck
with the conf files, as long as Snort is at the base. I think Snort will
have to evolve more to cover more types of hardware that will come out
eventually, organic computing, so forth. However, I don't think they are
at that level yet, and build upon the same principles of Ethernet,
IPv4/6. However, new talent might come along and contribute to the Snort
community. I like Snort, just not lately, because I am having a hard time,
but it will work, and the more you play with it, config-wise, you will
see what I am talking about generally.

my two bits

On Fri, 2012-09-21 at 13:14 +0000, Turnbough, Bradley E. wrote:
> From: Jaime Nebrera [mailto:jnebrera at ...11827...] 
> Sent: Friday, September 21, 2012 2:51 AM
> To: snort-users at lists.sourceforge.net
> Subject: Re: [Snort-users] Looking for a prebuilt Snort IDS Distro
>
> On 20/09/12 15:26, Turnbough, Bradley E. wrote: 
> 
> I’m looking for a prebuilt Snort IDS distro.  Preferably based on the
> CentOS 6 series.  Any suggestions?
> 
> I’d like it to have (at a minimum):
> 
> Snort
> Barnyard 2
> Snorby
> MySQL
> 
> 
>   Hi Bradley,
> 
>   I would suggest redBorder.net
> 
>   It contains Snort, Barnyard 2, Snorby (for event management) and
> MySQL. Besides those, you have a very powerful rule manager, config
> system and SNMP monitoring as an extension of Snorby and performance
> enhancements on the Snort side.
> 
>   It is free for registered users and under open source license.
> 
> 
> Exactly what I was looking for... Thanks, Jaime!