similar to: Snort and CentOS 5.x

Hallo, in CentOS 5 fwlogwatch is available. CentOS 6: I have found nothing. Snort: installation from source? Other idea? Alternative software? OSSEC? Thank you for help in advance Best regards Helmut -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20110905/1c409912/attachment.html>

FYI Kris ----- Forwarded message from Kris Kennaway <kris@FreeBSD.org> ----- X-Original-To: kkenn@localhost Delivered-To: kkenn@localhost.obsecurity.org Delivered-To: kris@freebsd.org Delivered-To: ports-committers@freebsd.org From: Kris Kennaway <kris@FreeBSD.org> Date: Thu, 17 Apr 2003 14:45:03 -0700 (PDT) To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org,

Hi, Any reliable source for snort packages to centos 5 and 6 64bit? -- Eero

Package: logcheck-database Hey, I created a logcheck ignore file for Snort with stuff I don't particularly want to see every day. The one line with the warning in it is questionable, so leave it in or out at your discretion. Also, my regex skills are not as good as they could be, so there are probably mistakes, or things that could be simplified more. Rules are below: ^\w{3} [

I have just installed freenx on two seperate centos 5.0 boxes. I had freenx server working before performing a "yum update" (which upgraded centos to 5.1). I then rebooted the box and now the display starts to show on the client, but then terminates the connection for no reason (at least nothing in any server logs). Below is the session info on the client machine. NXPROXY - Version

Ladies/Gents, /etc/init.d/snortd more snortd #!/bin/sh # Description: start up script for snort # chkconfig: 2345 40 60 # # Source function library. . /etc/rc.d/init.d/functions # case "$1" in # 'start') echo "Starting up Snort..." /prod/snort/bin/snort -c /prod/snort/etc/snort.conf -D -g snort -u snort -i eth0 -l /var/log/snort echo "Done." ;; #

I made an atempt to run snort_inline and shorewall on the same system but I could not get snort to see the packets. Maybe someone with a little more iptables knowledge could tell me what I''m doing wrong or if its possible to have the systems setup so that it places packets that the firewall would allow into QUEUE. After setting up and starting shorewall I then issue the following

I've been prowling through the FreeBSD and Snort list archives in search of information on setting up snort on a FreeBSD bridge(4) that logs to a remote postgres box via a third interface (hme0) Snort is being started with the following command: /usr/local/bin/snort -A full -D -e -d -s -i fxp0 -c /usr /local/etc/snort.conf Where fxp0 and fxp1 are in the bridge output from sysctl:

has anyone gotin snort 2.x working on centos 5.1 thanks in advance for your time -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20080130/b8302601/attachment-0002.html>

I figured that someone reading this list might want to take a look at the proceeding, considering that the version of Snort in FreeBSD ports -is- affected. -----Forwarded Message----- > From: CERT Advisory <cert-advisory@cert.org> > To: cert-advisory@cert.org > Subject: CERT Advisory CA-2003-13 Multiple Vulnerabilities in Snort Preprocessors > Date: 17 Apr 2003 11:30:47 -0400

Hi All, I am facing a problem when using ULOG daemon and SNORT (inline mode) with iptables. My set up is like this. 1. I need ULOG daemon to log firewall logs to MYSQL database. 2. I need SNORT in inline mode for intrusion prevention. Both can work fine induvidually with iptables. But ULOG daemon cannot work when SNORT is also running. Probably the reason is that snort also hooks to

Plus I would like to let you know that it works like a charm. Snort can now see those packets. -----Original Message----- From: shorewall-users-bounces@lists.shorewall.net [mailto:shorewall-users-bounces@lists.shorewall.net] On Behalf Of Thibodeau, Jamie L. Sent: Wednesday, March 30, 2005 9:25 AM To: Mailing List for Shorewall Users Subject: RE: [Shorewall-users] Shorewall and an inline

----- Forwarded message from Louis Kowolowski <louisk@bend.com> ----- Date: Thu, 28 Aug 2003 11:37:42 -0700 From: Louis Kowolowski <louisk@bend.com> To: freebsd-security@freebsd.org Subject: snort, postgres, bridge User-Agent: Mutt/1.5.4i I've been prowling through the FreeBSD and Snort list archives in search of information on setting up snort on a FreeBSD bridge(4) that logs

hello list, i''ve set up shorewall and snort inline on a linux box. it works, but snort only sees traffic from new connections. and this is because shorewall automatically generates rules to accept established and related connections. how can i force shorewall to queue everything, so that snort can scan the hole traffic like in IDS mode. The setup i have now is really simple, just 2 zones

Hi, I''m new to the list, but have been through the documentation, archives, etc. looking for more info... I''ve been using shorewall 1.3.14 for a few months now, has been working well from day one. I''m also using it with dshield (submitting logs and using the block list). I''m thinking of adding snort-inline to the mix (I run apache and postfix on the same box,

Dear all, I''m setting up a new gateway for a small network (under 30 users)Gw will host the following services:shorewalldnsproxy i''m considering installing snort.can i do so on the same exact box ? is there any security risk of doing so ? box would have 4 ISPs and two internal interfaces. Any recommendation about the optimal setup of snort and shorewall (or if you suggest

You are awesome!!!! -----Original Message----- From: shorewall-users-bounces@lists.shorewall.net [mailto:shorewall-users-bounces@lists.shorewall.net] On Behalf Of Tom Eastep Sent: Wednesday, March 30, 2005 9:11 AM To: Mailing List for Shorewall Users Subject: Re: [Shorewall-users] Shorewall and an inline IDS (snort-inlineorhogwash) Tom Eastep wrote: > Thibodeau, Jamie L. wrote: >

Hello all: I tried to install snort under /usr/ports/security and have some problems. with "make all", I checked every item on the menu but I got error messages: ////////////////////////////// laptop# make all ===> snort-2.8.1_1 is marked as broken: FLEXRESP2 patch file does not incorporate cleanly. *** Error code 1 Stop in /usr/ports/security/snort.

Hi all, I have been troubled with the traffic flow on the XCP 1.6 and XCP 0.5. - I have 4 servers in VLAN2 on port b12,b13,b14,b15 (these servers work on a XCP 0.5) - on port a3 have have mirrort al ports from a1,a2,a4-b24 - have a other HP server with XCP1.6 with (Debian 6.0.6 as host) and install snort. this has 2 eth carts in it. Eth0 is plugt in the VLAN2 network and

This time in the "normal" repo or also in testing? Greetings, j. verzonden m.b.v Android vandaar de beknoptheid. Nux! <nux at li.nux.ro>schreef: >On 19.03.2012 11:43, Jake Shipton wrote: >> On Mon, 19 Mar 2012 09:50:21 +0000 >> nux at li.nux.ro wrote: >> >>> Jake, >>> >>> Sure, 3.5 is on the to do list. >>> I see this