Re: RedBorder IDS / A bit disappointed... (maybe someone can help & clarify?)

[Jaime Nebrera <jnebrera () gmail com>]

  Again, for the benefit of the list:

**************************************************

  Hi giles,

  Have you read the fastpath install guide?

http://redborder.net/fastpath-install-guide/

  You need configure the manager using rb_sysconf to set networking and 
cluster issues even if there is only a node (single mode). All services 
in the manager (mysql, rabbitmq, chef-*, drbd, etc) depend on a working 
cluster (rgmanager and cman services), this configurations are created 
by rb_sysconf automatically using a wizard in the 'System configuration' 
menu.

  Please, read the official manual too:

http://redborder.net/wp-content/uploads/2012/08/redBorder_IPS-2.2-Reference_Manual-en-US.pdf

  On the other hand, you need to know that we don't guarantee that the 
redBorder sensor works well in a virtual environment because the pf_ring 
support in the virtual network module.

  If you don't want to see the message  "ttyS0 main process ..., 
respawning"  remove the file "/etc/init/ttyS0.conf" and reboot.

  Regards.

On 26/09/12 13:49, Giles Coochey wrote:
> On 26/09/2012 12:18, Jaime Nebrera wrote:
> >   Hi Giles, we are still trying to discover why you cant send to the 
> > list.
> >
> >   Either way, the public release of the software was very specific to 
> > a particular project. We are trying to improve that, making it much 
> > more generic and thus more usable to other people.
> >
> >   Can you tell me the exact virtual box version you are using? We 
> > have tried with both VMWare and KVM and works.
> >
> >   Still, is very important to follow the manual for initial 
> > installation. Some stuff seems weird (like building a cluster of just 
> > one node) but its relevant when you consider the whole picture
> Quite happy to do some testing, but the VirtualBox version I've tried 
> the install on was 4.2.0 r80737 Windows 7 64-bit
>
> I've had an email from Juan off-list, so will speak with him.
> --
> Regards,
>
> Giles Coochey, CCNA, CCNAS
> NetSecSpec Ltd
> +44 (0) 7983 877438
> http://www.coochey.net
> http://www.netsecspec.co.uk
> giles () coochey net
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!