IDS mailing list archives
Re: IPS-Builder
From: BlueT <bluet () bluet org>
Date: Thu, 13 Aug 2009 08:55:36 +0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nice tool, and I would like to help to make a english version and work on ubuntu/debian with/for you :-) Best wishes, BlueT. Augusto Pereyra wrote:
Hi list: I' d like to share with all, this script made by me based on root0 script for ips instalation. This script was tested on fedora 9 but it should work in fedora 10 too. You need 3 network interfaces (One for management and two for the bridge) I When the script finish his execution you will have an IPS with the following description: Detection engine: -Snort -Easy Update of rules using oinkmaster.pl (just run sh /sbin/oink) Blocking method (interact with IPtables): -Quarentine -Reset Layer 2 How is connected? -It works as an ethernet bridge using brctl in two interfaces to do it. -This have a management interface. Alert Mangement: -BASE (Logged in mysql) -Syslog (optional) System Management: -Webmin (only from localhost) -SSH (only in management interface) Extra -Startup scripts -Rule Configuration script (iptsamconf.sh) //this was downloaded from http://www.root0.net/ It works greate protecting virtual machines When you config the vmware interfaces for example put one of the NIC of the bridge in VMNET7 and the other must be set as a bridged In the next step you must connect all the vmware machines that you want protect connected to VMNET7 Thats it. All machines in vmnet7 will pass throw the bridge to reach the real network and the trafic will be analized by snort. To do -Daily reports by mail -Will detect attacks over SSL -Rule Configuration interface -Thats it. You can download it from http://code.google.com/p/ips-builder/downloads/list This is just the beta version. Please send me comments, questions or bugs to aepereyra at gmail dot com Enjoy Augusto Pereyra ----------------------------------------------------------------- Securing Your Online Data Transfer with SSL. A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe. http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkqDZIcACgkQfoJ/q1KWx6jhsQCfW7Fgwu3q4oe910UtvFkfCo38 xB8AoJM2k98skEmDmDjSQFBAPZ/6nbPx =fsf7 -----END PGP SIGNATURE----- ----------------------------------------------------------------- Securing Your Online Data Transfer with SSL. A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe. http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194
Current thread:
- IPS-Builder Augusto Pereyra (Aug 12)
- Re: IPS-Builder BlueT (Aug 13)