Snort.org on Fedora
Callan K L Tham
miburo at singnet.com.sg
Tue May 11 16:55:36 UTC 2004
Hi Tim,
On Tue, 2004-05-11 at 23:05, Tim Alberts wrote:
> I was looking for a replacement for the trisentry (portsentry, hostsentry,
> logcheck) that is being maintained and doesn't have licensing issues when I
> found snort.org. From what I've been able to learn so far it seems to be a
> very robust, well developed and supported IDS program. My questions are:
>
> 1. Why isn't snort included with Fedora? What is Fedora's IDS software (if
> any)?
Not too sure about that, but Snort works wonderfully with FC :)
> 2. Has anyone tried to use snort with Fedora and how well does it work?
As I mentioned above, it works great. There are several howtos out there
detailing setup for snort + RH (not much difference from FC) + ACID, and
it's not difficult to set up at all.
> 3. Does anyone know of any other good IDS programs that will also
> automatically link with iptables to dynamically block attacks?
AFAIK, only snort works well with iptables with the inline patch. Google
for snort-inline and iptables, and you should find some good
documentation.
Cheers,
Callan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20040512/fb43826a/attachment-0002.bin
More information about the users
mailing list