Void's Forums

Void Main's Beautiful Site

Skip to content

Security - Intrusion Detection

Discuss Networking
Post a reply

Security - Intrusion Detection

Postby Void Main » Sat Aug 16, 2003 6:32 pm

A little something I've been working on:

http://voidmain.is-a-geek.net/si/?i=cac ... acti/Snort

Been doing a little hacking on Cacti, Snortcon and a few other things and melting them into a security console, including writing some new stuff...
User avatar
Void Main
Site Admin
Site Admin
 
Posts: 5705
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Top

Postby agent007 » Wed Aug 20, 2003 4:36 am

cool! I like the detailed logs and stuff....Say, can I install the same on my stand-alone system? It connects to the net via a modem..[dialup]

thanks.
agent007
administrator
administrator
 
Posts: 254
Joined: Wed Feb 12, 2003 11:26 pm
Top

Postby Void Main » Wed Aug 20, 2003 10:59 am

Can you tcpdump your modem connection? I can't remember if you can put a ppp interface into promiscuous mode or not like you can with an Ethernet interface. I think you can do it but if you aren't connected 24 hours, or at least a good portion of the day then you will not be able to obtain alert information for those periods (obviously).
User avatar
Void Main
Site Admin
Site Admin
 
Posts: 5705
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Top

Postby agent007 » Wed Aug 20, 2003 12:04 pm

hi VoidMain,

Yes, I can tcpdump the PPP connection..Infact, I've been running ethereal. Btw, I just wanted to go through the logs whenever the system is online...

ciao
agent007
administrator
administrator
 
Posts: 254
Joined: Wed Feb 12, 2003 11:26 pm
Top
Post a reply

Return to Networking

Who is online

Users browsing this forum: No registered users and 0 guests

Powered by phpBB® Forum Software © phpBB Group
cron