[Snort-users] Looking for a prebuilt Snort IDS Distro

Jeremy Hoel jthoel at ...11827...
Fri Sep 21 18:09:07 EDT 2012


Out ojmf curiosity, what does SO not do for you?
On Sep 21, 2012 5:33 PM, "Pak Chan" <brightlilim at ...11827...> wrote:

> That may be true, but there are people who just need an IDS, and having an
> easy-to-use IDS appliance (which is effectively what a distro is, or should
> be) will help that. Most people won't delve into the code to understand how
> it works underneath, in the same way that most people just purchase and
> install firewalls without understanding how they work. It means they won't
> get the best out of it, but it's a great deal better than if they didn't
> have one at all.
>
> Personally, I'm in that situation at the moment. The last time I looked at
> an IDS was one I had helped to build about ten years ago, and it was so
> primitive compared to the capabilities modern ones have. I'm getting back
> into it again, and finding myself short on time to learn about the
> fundamentals, I've decided to go for the SecurityOnion distro. It doesn't
> satisfy everything I want (yet), but that's down to my lack of experience
> in tweaking it. I'll get better as I learn more about it, but I don't want
> to be exposed in the meantime. I'll settle for less-than-ideal in the short
> term.
>
> Pak
> "Build a fire for a man, and he'll be warm for a day. Set a man on fire,
> and he'll be warm for the rest of his life."
>
>
> On 21 September 2012 17:51, PR <oly562 at ...11827...> wrote:
>
>> ps. it shouldn't matter what distro, unix/linux, its nix, prebuilt? that
>> means, no real configuring at the beginning, therefore, you will not
>> learn how it works, where it is, how it can be tweeked, unless you are a
>> wizard. not to say you can figure it out, it just means, you will have
>> less knowledge about how it works at the core.
>>
>> On Fri, 2012-09-21 at 13:14 +0000, Turnbough, Bradley E. wrote:
>> >
>> >
>> >
>> >
>> > From: Jaime Nebrera [mailto:jnebrera at ...11827...]
>> > Sent: Friday, September 21, 2012 2:51 AM
>> > To: snort-users at lists.sourceforge.net
>> > Subject: Re: [Snort-users] Looking for a prebuilt Snort IDS Distro
>> >
>> >
>> >
>> >
>> > On 20/09/12 15:26, Turnbough, Bradley E. wrote:
>> >
>> > I’m looking for a prebuilt snort IDS Distro.  Preferrably based on the
>> > Centos 6 series.  Any Suggestions?
>> >
>> >
>> >
>> > I’d like it to have (at a minimum):
>> >
>> >
>> >
>> > Snort
>> >
>> > Barnyard 2
>> >
>> > Snorby
>> >
>> > Mysql
>> >
>> >
>> >
>> >
>> >
>> >   Hi Bradley,
>> >
>> >   I would suggest redBorder.net
>> >
>> >   It contains Snort, Barnyard 2, Snorby (for event management) and
>> > MySQL. Besides those, you have a very powerful rule manager, config
>> > system and SNMP monitoring as an extension of Snorby and performance
>> > enhancements on the Snort side.
>> >
>> >   It is free for registered users and under open source license.
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> > Exactly what I was looking for…. Thanks Jamie!
>> >
>> >
>> > This e-mail transmission contains information that is confidential and
>> > may be privileged. It is intended only for the addressee(s) named
>> > above. If you receive this e-mail in error, please do not read, copy
>> > or disseminate it in any manner. If you are not the intended
>> > recipient, any disclosure, copying, distribution or use of the
>> > contents of this information is prohibited. Please reply to the
>> > message immediately by informing the sender that the message was
>> > misdirected. After replying, please erase it from your computer
>> > system. Your assistance in correcting this error is appreciated.
>> >
>> ------------------------------------------------------------------------------
>> > Got visibility?
>> > Most devs has no idea what their production app looks like.
>> > Find out how fast your code is with AppDynamics Lite.
>> > http://ad.doubleclick.net/clk;262219671;13503038;y?
>> > http://info.appdynamics.com/FreeJavaPerformanceDownload.html
>> > _______________________________________________ Snort-users mailing
>> list Snort-users at lists.sourceforge.net Go to this URL to change user
>> options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users
>> list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-usersPlease visit
>> http://blog.snort.org to stay current on all the latest Snort news!
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Got visibility?
>> Most devs has no idea what their production app looks like.
>> Find out how fast your code is with AppDynamics Lite.
>> http://ad.doubleclick.net/clk;262219671;13503038;y?
>> http://info.appdynamics.com/FreeJavaPerformanceDownload.html
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>
>> Please visit http://blog.snort.org to stay current on all the latest
>> Snort news!
>>
>
>
>
> ------------------------------------------------------------------------------
> Got visibility?
> Most devs has no idea what their production app looks like.
> Find out how fast your code is with AppDynamics Lite.
> http://ad.doubleclick.net/clk;262219671;13503038;y?
> http://info.appdynamics.com/FreeJavaPerformanceDownload.html
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20120921/5565e956/attachment.html>


More information about the Snort-users mailing list