- Re: ids for linux
12-26-2004 06:35 AM
12-26-2004 03:30 PM
Solution
12-26-2004 08:02 PM
Re: ids for linux
Depends on what you want your IDS to work on. Network?
http://www.snort.org/
Host? Perhaps samhain is a solution for you:
http://la-samhna.de/samhain/
Best wishes
12-26-2004 08:07 PM
Re: ids for linux
12-27-2004 09:15 AM
Re: ids for linux
www.linuxtech.cc
12-27-2004 07:52 PM
Re: ids for linux
12-28-2004 06:10 AM
Re: ids for linux
Nice help from dear Oliver Schwank.
I'm eagerly looking forward to the script from Don.
And dear Ivajlo Yanakiev, I am working on Snort, and want some other tool also.
Nice help
Thanks to all
Regards
Maaz
12-28-2004 08:41 AM
Re: ids for linux
Sorry for the late reply. I haven't run the script in a while and I just wanted to make sure it still works.
Go to my website and grab the two files listed in the directory.
www.linuxtech.cc/snort
The first file (snort.cfg) is a kickstart script for ES 3.0. It will probably work for 2.1 also but I haven't tried. You'll need to change a few things like the NFS server where you do your installs from. Also, the disk partitions are set up for 'sda' (VMware). If this was an HP box with a RAID controller, you would use 'cciss/c0d0'; if using IDE, then use 'hda'. This script isn't too critical; if you install from CD, just make sure NOT to install Apache, MySQL or PHP. BTW, the root PW is -> payday
The second file (snort.tar.gz) is a tar of various packages needed for a complete Snort install with ACID frontend and MySQL backend. The install-script goes through all the setup steps which are described in this document: http://www.internetsecurityguru.com/documents/snort_acid_rhws3.pdf
Once the OS is up & running:
1) mkdir /root/snort
2) copy the snort.tar.gz file into /root/snort
3) tar zxvf snort.tar.gz
4) run ./install-script
(this takes about 20mins. depending on CPU power)
5) When the script completes, it will say "Snort up & running!"
6) Next you'll need to extend the Snort DB to support ACID. Point your browser to the IDS box, http://snortip/acid, and click the 'Setup' link. This will extend the DB.
7) Go to URL http://snortip/acid; you should see the ACID frontend. Snort is officially running.
Let me know how things progress..
12-28-2004 11:47 PM
Re: ids for linux
I can't install this now but I plan to do it.
Thanks
12-29-2004 10:47 AM
Re: ids for linux
Tripwire -- http://www.tripwire.org/
yafic -- Yet Another File Integrity Checker:
http://www.philosophysw.com/software/yafic/
integrit -- http://integrit.sourceforge.net/
AIDE (Advanced Intrusion Detection Environment) -- http://www.cs.tut.fi/%7Erammer/aide.html
HTH,
Ross