Snort mailing list archives
RE: Knoppix and snort
From: "Gordon Cunningham" <gcunnin2 () bellsouth net>
Date: Tue, 5 Aug 2003 11:21:49 -0400
There are a couple Knoppix-based run-from-CD distro that include snort and a
bunch of other net forensics or security tools. I have recently downloaded
one, but have not had a chance to burn a CD and try it out. I would assume
if you want to log info from snort or tcpdump, you need a local drive or
network syslogging system. See the following:
Knoppix-STD (http://www.knoppix-std.org)
The Penguin Sleuth Kit (http://www.linux-forensics.com)
- Gordon
"The software said it requires Windows 98 or better, so I installed
Linux..."
-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Erek Adams
Sent: Tuesday, August 05, 2003 10:43 AM
To: Jonathan Jesse
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Knoppix and snort
On Mon, 4 Aug 2003, Jonathan Jesse wrote:
I have recently found an interesting Linux distro that runs completely from CD w/o making any changes to the computer's hard drive. The site says it makes for great demos of the Linux operating system without waiting to install something completely. I was wondering if anyone has had the time or energy or desire to implement/create the same form of system that would work as a demonstration of Snort? Would it even be a feasible project to try and figure out?
It's feasable and doable. In fact I think there's a BSD [0] that comes with Snort already done and ready for that. I'm not sure that it works entirely off of a RAMdisk though... Cheers! ----- Erek Adams "When things get weird, the weird turn pro." H.S. Thompson [0] http://people.freebsd.org/~picobsd/picobsd.html ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Knoppix and snort Jonathan Jesse (Aug 04)
- Re: Knoppix and snort Jon Baer (Aug 04)
- Re: Knoppix and snort Jon Baer (Aug 04)
- Re: Knoppix and snort Erek Adams (Aug 05)
- RE: Knoppix and snort Gordon Cunningham (Aug 05)