Solved

Snort, Ethereal in a Linux distribution system

Posted on 2007-04-01
Last Modified: 2013-11-29
Besides SENTINIX (discontinued), is there an ACID or Snort + Ethereal Linux distribution system?

Thanks.
0
Question by:nakedconsulting
6 Comments
 
LVL 12

Expert Comment

by:StuFox100
ID: 18834877
Not sure what you are after - but something that may be of interest are VMware Appliances.
Check this one out:
http://www.vmware.com/vmtn/appliances/directory/295
Cheers
Stu
0
 
LVL 1

Expert Comment

by:GoUdVisKe
ID: 18891514
I think he's looking for a distro which has this software preinstalled, preferably without any other crap on it. If this is what you're asking for, I don't think there is one. Just take a basic Debian, install it without GUI and stuff, strip it down a bit removing processes you don't need, and install Snort with its requirements.

S
0
 
LVL 1

Accepted Solution

by:
GoUdVisKe earned 1000 total points
ID: 18891556
I forgot, there is a live CD which more or less has what you require: http://www.networksecuritytoolkit.org/nst/index.html
0
 

Expert Comment

by:bengyson
ID: 18944590
Hi,

I believe this is what you are looking for. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT sensor. Running on CentOS, it has all been fully configured and is ready to run in VMware.

URL - http://sourceforge.net/projects/secureideas
0
 
LVL 12

Expert Comment

by:jahboite
ID: 19053316
Put back|track 2 in your arsenal.
http://www.remote-exploit.org/backtrack_download.html
0
 
LVL 2

Expert Comment

by:JasonPJohnson
ID: 25380482
They lost developers a long time ago but are now back in the game. http://www.skynet-solutions.net/easyids/

Easy IDS is a Snort / BASE / nmap distro that truly lives up to its name.

Install on a machine and you are ready to go. It is based off CentOS. I have it running on a few IDS around town.
0
