Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Linux distro for Snort inline as IPS

From: Jeff H <jeff61225 () gmail com>
Date: Mon, 25 Jan 2016 18:47:28 -0800
On Monday, January 25, 2016, James Lay <jlay () slave-tothe-box net> wrote:



I think Security Onion would be a good fit:

https://security-onion-solutions.github.io/security-onion/

James


------------------------------------------------------------------------------



I don't think Security Onion would be a good fit. Inline IPS mode isn't
supported and it has quite a bit of additional NSM software running by
default that would need to be disabled if only Snort is required.

I'm not aware of any specific stripped down distros for running Snort
inline, I would start with a well supported minimal Linux distro and add
what is needed.

Jeff

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: