Snort.org on Fedora
Callan K L Tham
miburo at singnet.com.sg
Tue May 11 16:55:36 UTC 2004
Hi Tim,
On Tue, 2004-05-11 at 23:05, Tim Alberts wrote:
> I was looking for a replacement for the trisentry (portsentry, hostsentry,
> logcheck) that is being maintained and doesn't have licensing issues when I
> found snort.org. From what I've been able to learn so far it seems to be a
> very robust, well developed and supported IDS program. My questions are:
>
> 1. Why isn't snort included with Fedora? What is Fedora's IDS software (if
> any)?
Not too sure about that, but Snort works wonderfully with FC :)
> 2. Has anyone tried to use snort with Fedora and how well does it work?
As I mentioned above, it works great. There are several howtos out there
detailing setup for snort + RH (not much difference from FC) + ACID, and
it's not difficult to set up at all.
> 3. Does anyone know of any other good IDS programs that will also
> automatically link with iptables to dynamically block attacks?
AFAIK, only snort works well with iptables with the inline patch. Google
for snort-inline and iptables, and you should find some good
documentation.
Cheers,
Callan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040512/fb43826a/attachment-0001.sig>
More information about the fedora-list
mailing list