mulling the idea of a Infrastructure Security FAD (fedora activity day)
Luke Macken
lmacken at redhat.com
Thu Jun 14 15:44:04 UTC 2012
On Tue, Jun 12, 2012 at 05:03:48PM -0600, Kevin Fenzi wrote:
> * Setup a simple IDS of some kind?
> - Notice non standard traffic in our internal nets
I'm definitely excited about getting an IDS deployed. I made an attempt
at it a few years ago with prelude+prewikka, but it wasn't able to keep
up with the load. The open source version was pretty much crippled
compared to the pay version, and it couldn't handle the massive amounts
of SELinux alerts that we had at the time.
These days, I use suricata on all of my machines. It's extremely easy
to setup, and works with existing snort rules. I definitely think we
should consider it.
http://www.openinfosecfoundation.org
As for another potential goal:
- mod_security (I think we almost had it deployed at one point)
> What dates or places would you prefer?
Any of them work for me.
luke
More information about the infrastructure
mailing list