similar to: Bug#403758: Logcheck rules for Snort

----- Forwarded message from Louis Kowolowski <louisk@bend.com> ----- Date: Thu, 28 Aug 2003 11:37:42 -0700 From: Louis Kowolowski <louisk@bend.com> To: freebsd-security@freebsd.org Subject: snort, postgres, bridge User-Agent: Mutt/1.5.4i I've been prowling through the FreeBSD and Snort list archives in search of information on setting up snort on a FreeBSD bridge(4) that logs

New years greetings. I have been setting up a function to generate multiple jpeg charts. When the calls are issued at the interactive console, the jpeg files are generated without an issue. When I try to issue the same calls from a function, some chart files are empty. It appears to only be related to trellis charts. Any help to troubleshoot this is appreciated. Regards, -mike R version

FYI Kris ----- Forwarded message from Kris Kennaway <kris@FreeBSD.org> ----- X-Original-To: kkenn@localhost Delivered-To: kkenn@localhost.obsecurity.org Delivered-To: kris@freebsd.org Delivered-To: ports-committers@freebsd.org From: Kris Kennaway <kris@FreeBSD.org> Date: Thu, 17 Apr 2003 14:45:03 -0700 (PDT) To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org,

hi, i want to know how i can find a mirror for installing nagios in centos 4. Because when i do yum search nagios or yum install nagios i don't receive a response.I don't know if somebody can give me a website like apt-get.org(unofficial apt repositories). thanks

I've been prowling through the FreeBSD and Snort list archives in search of information on setting up snort on a FreeBSD bridge(4) that logs to a remote postgres box via a third interface (hme0) Snort is being started with the following command: /usr/local/bin/snort -A full -D -e -d -s -i fxp0 -c /usr /local/etc/snort.conf Where fxp0 and fxp1 are in the bridge output from sysctl:

I want to use snort inline for ips and imq for bandwidth shaping When i have inserted imq module ip_queue module insertion giving error Is it possible to use both at the same time -- Failure seldom stops you. What stops you is the fear of failure. _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

Hi All, I am facing a problem when using ULOG daemon and SNORT (inline mode) with iptables. My set up is like this. 1. I need ULOG daemon to log firewall logs to MYSQL database. 2. I need SNORT in inline mode for intrusion prevention. Both can work fine induvidually with iptables. But ULOG daemon cannot work when SNORT is also running. Probably the reason is that snort also hooks to

hello list, i''ve set up shorewall and snort inline on a linux box. it works, but snort only sees traffic from new connections. and this is because shorewall automatically generates rules to accept established and related connections. how can i force shorewall to queue everything, so that snort can scan the hole traffic like in IDS mode. The setup i have now is really simple, just 2 zones

Hi all, I read the docu and I read the FAQ, I still don''t know where and how I should include the rules the mark packets for SNORT-inline. They need to be marked in the "in"-queue of the external interface *before* any firewall rules are applied. Any hints welcome. Philipp

Hi all, I need to monitor all traffic and block bad requests on my guest machines and also on my xen host. To accomplish this I think to install snort on my dom0 host (rhel5). Somebody have tried this? What about performance on guests?? Many thanks ... -- CL Martinez carlopmart {at} gmail {d0t} com _______________________________________________ Xen-users mailing list

Hi, I''m new to the list, but have been through the documentation, archives, etc. looking for more info... I''ve been using shorewall 1.3.14 for a few months now, has been working well from day one. I''m also using it with dshield (submitting logs and using the block list). I''m thinking of adding snort-inline to the mix (I run apache and postfix on the same box,

Hi, I am looking for some direction on how to configure KVM networking so that a promiscuous bridge/host nic/guest nic allows two different network monitoring packages to sniff the same physical traffic. The idea is to run a commercial package on the CentOS 6.5 host and Snort, via Security Onion, on the guest, both being fed by a physical switch SPAN or physical firewall TAP. The host has two

Dear Friends, I need to know, if RPM SNORT on repository DAG include option flexresp. Thanks Adriano

has anyone gotin snort 2.x working on centos 5.1 thanks in advance for your time -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20080130/b8302601/attachment-0002.html>

Can someone direct me to some simple instructions or a repo that I can enable to get snort installed on my CentOS 5.1 boxes? --Thanks, Jake

Hallo, in CentOS 5 fwlogwatch is available. CentOS 6: I have found nothing. Snort: installation from source? Other idea? Alternative software? OSSEC? Thank you for help in advance Best regards Helmut -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20110905/1c409912/attachment.html>

Hi, Any reliable source for snort packages to centos 5 and 6 64bit? -- Eero

Plus I would like to let you know that it works like a charm. Snort can now see those packets. -----Original Message----- From: shorewall-users-bounces@lists.shorewall.net [mailto:shorewall-users-bounces@lists.shorewall.net] On Behalf Of Thibodeau, Jamie L. Sent: Wednesday, March 30, 2005 9:25 AM To: Mailing List for Shorewall Users Subject: RE: [Shorewall-users] Shorewall and an inline

Sourcefire is looking to bring on a talented DevOps guy to join our talented Vulnerability Research Team. FreeBSD fanatics preferred! Sourcefire, Inc. (Nasdaq:FIRE) a world leader in Cyber Security is transforming the way Global 2000 organizations and government agencies manage and minimize network security risk. Sourcefire?s IPS and real-time adaptive security solutions provide security for the

I am attempting to create an IDS appliance proof-of-concept using Xen to virtualize the management server and sensors. To keep things simple, I am just trying to get one domU sensor and the domU management VM working together for now, but plan on using multiple domU sensors eventually. The VMs are all configured and ready to go, but the problem I am running into is an inability to see all the