Solved

Snort, Ethereal in a Linux distribution system

Posted on 2007-04-01
Last Modified: 2013-11-29
Besides SENTINIX (discontinued), is there an ACID or Snort + Ethereal Linux distribution system?

Thanks.
0
Question by:nakedconsulting
6 Comments
 
LVL 12

Expert Comment

by:StuFox100
ID: 18834877
Not sure what you are after - but something that may be of interest are VMware Appliances.
Check this one out:
http://www.vmware.com/vmtn/appliances/directory/295
Cheers
Stu
0
 
LVL 1

Expert Comment

by:GoUdVisKe
ID: 18891514
I think he's looking for a distro which has this software preinstalled, preferably without any other crap on it. If this is what you're asking for, I don't think there is one. Just take a basic Debian, install it without GUI and stuff, strip it down a bit removing processes you don't need, and install Snort with its requirements.

S
0
 
LVL 1

Accepted Solution

by:
GoUdVisKe earned 250 total points
ID: 18891556
I forgot, there is a live CD which more or less has what you require: http://www.networksecuritytoolkit.org/nst/index.html
0

 

Expert Comment

by:bengyson
ID: 18944590
Hi,

I believe this is what you are looking for. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT sensor. Running on CentOS, everything has been fully configured and is ready to run in VMware.

URL - http://sourceforge.net/projects/secureideas
0
 
LVL 12

Expert Comment

by:jahboite
ID: 19053316
Put back|track 2 in your arsenal.
http://www.remote-exploit.org/backtrack_download.html
0
 
LVL 2

Expert Comment

by:JasonPJohnson
ID: 25380482
They lost developers a long time ago but are now back in the game. http://www.skynet-solutions.net/easyids/

Easy IDS is a Snort / BASE / nmap distro that truly lives up to its name.

Install on a machine and you are ready to go. It is based off CentOS. I have it running on a few IDS around town.
0
