Re: Snort.org on Fedora

Hi Tim,

On Tue, 2004-05-11 at 23:05, Tim Alberts wrote:
> I was looking for a replacement for the trisentry (portsentry, hostsentry, 
> logcheck) that is being maintained and doesn't have licensing issues when I 
> found snort.org.  From what I've been able to learn so far, it seems to be a 
> very robust, well developed and supported IDS program.  My questions are:
> 1.  Why isn't snort included with Fedora?  What is Fedora's IDS software (if 
> any)?

Not too sure about that, but Snort works wonderfully with FC :)

> 2.  Has anyone tried to use snort with Fedora and how well does it work?

As I mentioned above, it works great. There are several howtos out there
detailing setup for snort + RH (not much difference from FC) + ACID, and
it's not difficult to set up at all.

> 3.  Does anyone know of any other good IDS programs that will also 
> automatically link with iptables to dynamically block attacks?

AFAIK, only snort works well with iptables with the inline patch. Google
for snort-inline and iptables, and you should find some good


