Snort mailing list archives
Re: Snort on iPhone
From: Steven Sturges <steve.sturges () sourcefire com>
Date: Wed, 30 Oct 2013 15:59:14 -0400
I think there are more challenges beyond just compiling -- need something to get the raw packets. Not sure if there is libpcap or equivalent for iPhone -- something along those lines would be required for any sniffing technology. Attached is a first attempt (and probably easiest) to getting Snort on an iPhone. ;) Cheers -steve On 10/17/13 1:05 PM, Miso Patel wrote:
Some of my engineers are asking ... what is the best way to put Snort on the iPhone? They really want to know about IPS mode so they can block specific network traffic to Apple, arbitrary "apps", etc. Privacy is big concern here now, especially now that we know that the United States NSA is monitoring and recording most of what we do (hi, US NSA :P). I thought I'd ask here first before asking around about other tools to do this such as Suricata. The challenge, as I understand it is to get it to compile on the architecture. Since the iPhone is a computer (although with a not a common an architecture as most PCs, servers, etc.), it should be possible. Does anyone have a good tutorial? If there isn't a Snort IPS app (I didn't see it in the App Store), I suppose you will have to jailbreak the phone and install gcc etc. to compile but there could be considerations since the architecture isn't a normal PC. TFAT(F)H. -Miso, CISO ------------------------------------------------------------------------------ Android is increasing in popularity, but the open development platform that developers love is also attractive to malware creators. Download this white paper to learn more about secure code signing practices that can help keep Android apps secure. http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
------------------------------------------------------------------------------ Android is increasing in popularity, but the open development platform that developers love is also attractive to malware creators. Download this white paper to learn more about secure code signing practices that can help keep Android apps secure. http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Snort on iPhone Miso Patel (Oct 30)
- Re: Snort on iPhone Hui Cao (Oct 30)
- Re: Snort on iPhone Steven Sturges (Oct 30)
- Re: Snort on iPhone Victor Roemer (Oct 30)
- Re: Snort on iPhone Joel Esler (Oct 30)
- Re: Snort on iPhone Victor Roemer (Oct 30)