[Snort-users] RedBorder IDS / A bit disappointed... (maybe someone can help & clarify?)

Jaime Nebrera jnebrera at ...11827...
Wed Sep 26 10:27:12 EDT 2012

   Again, for the benefit of the list:


   Hi giles,

   Have you read the fastpath install guide?


   You need configure the manager using rb_sysconf to set networking and 
cluster issues even if there is only a node (single mode). All services 
in the manager (mysql, rabbitmq, chef-*, drbd, etc) depend on a working 
cluster (rgmanager and cman services), this configurations are created 
by rb_sysconf automatically using a wizard in the 'System configuration' 

   Please, read the official manual too:


   On the other hand, you need to know that we don't guarantee that the 
redBorder sensor works well in a virtual environment because the pf_ring 
support in the virtual network module.

   If you don't want to see the message  "ttyS0 main process ..., 
respawning"  remove the file "/etc/init/ttyS0.conf" and reboot.


On 26/09/12 13:49, Giles Coochey wrote:
> On 26/09/2012 12:18, Jaime Nebrera wrote:
>>   Hi Giles, we are still trying to discover why you cant send to the 
>> list.
>>   Either way, the public release of the software was very specific to 
>> a particular project. We are trying to improve that, making it much 
>> more generic and thus more usable to other people.
>>   Can you tell me the exact virtual box version you are using? We 
>> have tried with both VMWare and KVM and works.
>>   Still, is very important to follow the manual for initial 
>> installation. Some stuff seems weird (like building a cluster of just 
>> one node) but its relevant when you consider the whole picture
> Quite happy to do some testing, but the VirtualBox version I've tried 
> the install on was 4.2.0 r80737 Windows 7 64-bit
> I've had an email from Juan off-list, so will speak with him.
> -- 
> Regards,
> Giles Coochey, CCNA, CCNAS
> NetSecSpec Ltd
> +44 (0) 7983 877438
> http://www.coochey.net
> http://www.netsecspec.co.uk
> giles at ...9346...
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20120926/93a4f04b/attachment.html>

More information about the Snort-users mailing list