Snort mailing list archives

Re: Linux distro for Snort inline as IPS


From: James Lay <jlay () slave-tothe-box net>
Date: Mon, 25 Jan 2016 16:51:54 -0700

On 2016-01-25 16:44, Sec_Aficiondado wrote:
> Hi there,
>
> Apologies if this has been asked before but web searches are not
> helping me in this regard today.
>
> I was wondering if there is a particularly well suited, stripped down,
> Linux distribution that could be used for a machine only running Snort
> inline as an IPS. Ideally something that only has the components Snort
> needs and nothing more.
>
> VMs are OK too.
>
> Thanks!


I think Security Onion would be a good fit:

https://security-onion-solutions.github.io/security-onion/

James
