Snort mailing list archives
Re: Request for advice
From: Sean Brown <sblinux () shaw ca>
Date: Tue, 29 Jun 2004 19:41:01 -0600
On June 29, 2004 05:09 pm, Nicholas Bernstein wrote:
On Tue, 2004-06-29 at 15:58, Sean Brown wrote:On June 28, 2004 11:55 pm, Nicholas Bernstein wrote:Hello all: I've been asked to do a presentation on snort for a local users group in Los Angeles; Nothing too in depth, just a basic tutorial on how to get snort/acid/mysql setup. I was hoping that some of you might take a look and tell me if there is anything I missed putting down, or if there are any inaccuracies. I hope this is not too much to ask, but I would appreciate it a lot if anyone was willing to give some advice. It's located at: http://nicholasbernstein.com/uuasc_snort/ Anyway, thanks in advance. NickI looked through your presentation since I'm new to snort to see if there was anything there I didn't know, and while it seems well put together and does seem to be a good starting tutorial. I can really only say one thing, and that is your assertion that there is little reason to use packages provided by the distro/project and just simply compile it yourself. The packages are there to provide a simple way to upgrade, and keep track of all files required to run an application. Eventually your going to need to upgrade Snort, and the easiest way is by a package. If the system is just a test bed, then building it yourself, by simply configure, make and make install isn't much of a problem, but if the system is a 'production' machine, even if its just a home firewall, the packages are a better solution. The only time to favor making your own is if the package for a specific app lags significantly behind the current release, in which case its better to build a package and install that, instead of simply installing. Just some thoughts. -SeanSean: Thanks for the input. The reason I chose to emphasize using source as opposed to packages is that I did not want to favor one version of unix over another. The group I am presenting to is the "Unix Users Association of Southern California" and the people who are likely to be attending this event may be using many different versions of unix. Also, while I expect the majority of users to implement this on OpenBSD, or Linux, I'm presenting @ Sun Microsystems... wouldn't want to offend the hosts. :)
Well then you can highlight the absolute ease on creating Sun packages to be distributed to a system that will act as a production sensor. www.sunfreeware.com also has snort packages for download, illustrating the need to build your own package considering while there is a package for Snort 2.1.0 for Solaris 9 SPARC, the Solaris 8 package is at version 1.8 -Sean Brown ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Request for advice Nicholas Bernstein (Jun 28)
- Snort is a "niche player" Yaakov Yehudi (Jun 29)
- Re: Snort is a "niche player" Keith W. McCammon (Jun 29)
- Re: Snort is a "niche player" Frank Knobbe (Jun 29)
- Re: Snort is a "niche player" twig les (Jun 29)
- Re: Snort is a "niche player" Guillaume Arcas (Jun 29)
- Re: Snort is a "niche player" James Riden (Jun 29)
- RE: Snort is a "niche player" Yaakov Yehudi (Jun 29)
- RE: Snort is a "niche player" Darren Webb (Jun 29)
- Re: Snort is a "niche player" Keith W. McCammon (Jun 29)
- Snort is a "niche player" Yaakov Yehudi (Jun 29)
- Message not available
- Message not available
- Re: Request for advice Sean Brown (Jun 29)
- Re: Request for advice Sean Brown (Jun 29)
- Re: Request for advice sekure (Jun 30)
- Message not available