Will Bailey | 1 Apr 02:10 2004

[sentinix-list] "null </fo" in Snort alert console

FYI:

Snort appears to be running (sensor is active) on my server and it has worked in the past.  However, sometimes
when I go to the Snort activity console I get a blank page and "null </fo" appears at the top of the page.  This
doesn't happen all the time, but just thought I'd mention this.

Will
Alessandro Agostini | 1 Apr 15:04 2004

[sentinix-list] Snort rules

Hi,
I see the option: Import/Update Rules -> Update from Internet, but I
always see: "No update this time .".
Is there any conf parameter to set up for this feature?

Thanks again.

Alessandro
------ Original Message -----
Alessandro,
 Open Snort Center and look under the "Admin Menu", all the options are
available there.

Thanks,
Michael

-----Original Message-----
From: Alessandro Agostini <A.Agostini at ifac.cnr.it>
Sent: Mar 29, 2004 7:15 AM
To: sentinix at elevenprospect.com
Subject: [sentinix-list] Snort rules

Hi,
Sentinix is GREAT!
Now, is there an automatic procedure for snort rules update?
I see all the rules in the snort.eth0.conf file, so I think a script is
necessary to download the new rules
and include them in it.

Can you help me?

Chris Locke | 1 Apr 19:02 2004

[sentinix-list] ossim

Has anyone ever looked at using ossim with sentinix? It seems it would
fit right in.

--

-- 
*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*
	Chris Locke
	http://StageOfBattle.org
*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*
Terkanian, Greg | 1 Apr 19:10 2004

RE: [sentinix-list] ossim

"Open Source Software Image Map project"?????  What does that have to do with Network Management?  I'd love
to hear how you think it fits right in with Sentinix.

-----Original Message-----
From: sentinix-bounces@...
[mailto:sentinix-bounces@...]On Behalf Of Chris Locke
Sent: Thursday, April 01, 2004 11:03 AM
To: sentinix@...
Subject: [sentinix-list] ossim

Has anyone ever looked at using ossim with sentinix? It seems it would
fit right in.

--

-- 
*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*
	Chris Locke
	http://StageOfBattle.org
*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*
Yoo, Gene | 1 Apr 19:13 2004

RE: [sentinix-list] ossim

Sorry for top posting...

I think he means this one.  This is an excerpt from packetstorm:

Os-sim attempts to unify network monitoring, security, correlation, and
qualification in one single tool. It combines Snort, Acid, MRTG, NTOP,
OpenNMS, nmap, nessus, and rrdtool to provide the user with full control
over every aspect of networking or security. Supported platform is
Linux. Changes: Serious bug fixes.  Homepage:
http://sourceforge.net/projects/os-sim/. By Dominique Karg, David Gil,
Fabio Ospitia Trujillo, Julio Casal, Jesus D. Munoz

http://www.ossim.net/ 

Gene

<snip>
"Open Source Software Image Map project"?????  What does that have to do
with Network Management?  I'd love to hear how you think it fits right
in with Sentinix.

-----Original Message-----
From: sentinix-bounces@...
[mailto:sentinix-bounces@...]On Behalf Of Chris Locke
Sent: Thursday, April 01, 2004 11:03 AM
To: sentinix@...
Subject: [sentinix-list] ossim

Has anyone ever looked at using ossim with sentinix? It seems it would
fit right in.

Terkanian, Greg | 1 Apr 19:16 2004

RE: [sentinix-list] ossim

OK, that makes a little more sense.  Sorry.  I think I've looked at this before.  Doesn't it seem more like a
replacement for Sentinix?

-----Original Message-----
From: sentinix-bounces@...
[mailto:sentinix-bounces@...]On Behalf Of Yoo, Gene
Sent: Thursday, April 01, 2004 11:13 AM
To: The SENTINIX Mailing List
Subject: RE: [sentinix-list] ossim

Sorry for top posting...

I think he means this one.  This is an excerpt from packetstorm:

Os-sim attempts to unify network monitoring, security, correlation, and
qualification in one single tool. It combines Snort, Acid, MRTG, NTOP,
OpenNMS, nmap, nessus, and rrdtool to provide the user with full control
over every aspect of networking or security. Supported platform is
Linux. Changes: Serious bug fixes.  Homepage:
http://sourceforge.net/projects/os-sim/. By Dominique Karg, David Gil,
Fabio Ospitia Trujillo, Julio Casal, Jesus D. Munoz

http://www.ossim.net/ 

Gene

<snip>
"Open Source Software Image Map project"?????  What does that have to do
with Network Management?  I'd love to hear how you think it fits right
in with Sentinix.

Won, Henry # PHX | 1 Apr 19:25 2004

[sentinix-list] NetDisco

Hello,

Has anyone had success getting NetDisco running on Sentinix?
http://www.netdisco.org

Henry
Chris Locke | 1 Apr 19:30 2004

RE: [sentinix-list] ossim

Sorry guys I should have posted a link. It is the open source security
information management. 

http://www.ossim.net/

I don't really think it's a replacement. It just adds to it. I have just
started playing with ossim, but it seems to be good at gathering data
from snort/acid, ntop, nessus, and nmap, and giving you a centralized
front end for keeping track of the data. It would be something cool to
go along with nagios. 

Like I said though I have just started playing with it and am still
trying to get it all figured out. I have it on a fedora box right now
and once I get used to it may throw it on my sentinix box. I will post
back if it does indeed seem to play nice with sentinix. I was really
just curious if anybody else had already done this.

--

-- 
*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*
	Chris Locke
	http://StageOfBattle.org
*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*

On Thu, 2004-04-01 at 11:16, Terkanian, Greg wrote:
> OK, that makes a little more sense.  Sorry.  I think I've looked at this before.  Doesn't it seem more like a
> replacement for Sentinix?
> 
> 
> -----Original Message-----
> From: sentinix-bounces@...

Michel Blomgren | 1 Apr 20:03 2004

Re: [sentinix-list] ossim


Hey!  Ossim looks *really* cool. This is definitely something I'll be testing 
out, correlation between snort, nessus, et al. is *exactly* what information 
security professionals need in order to understand the big picture. The 
website mentions that Ossim detects anomalies from collected data in a
coordinated manner... it really doesn't seem to be able to get any better 
than this!  Get AlertCon in your private network! Exactly how it's supposed 
to be!

Thanks Chris Locke for bringing this to my attention! :)
	Michel

On Thursday 01 April 2004 19:30, Chris Locke wrote:
> Sorry guys I should have posted a link. It is the open source security
> information management.
>
> http://www.ossim.net/
>
> I don't really think it's a replacement. It just adds to it. I have just
> started playing with ossim, but it seems to be good at gathering data
> from snort/acid, ntop, nessus, and nmap, and giving you a centralized
> front end for keeping track of the data. It would be something cool to
> go along with nagios.
>
> Like I said though I have just started playing with it and am still
> trying to get it all figured out. I have it on a fedora box right now
> and once I get used to it may throw it on my sentinix box. I will post
> back if it does indeed seem to play nice with sentinix. I was really
> just curious if anybody else had already done this.

Michel Blomgren | 1 Apr 20:07 2004

[sentinix-list] My PGP public key


You can all get my pubkey from http://sentinix.org/pubkey_michel.asc
You can confirm the fingerprint at the bottom of the front page -> 
http://sentinix.org/

IMPORTANT!  I have not sent my pubkey to a keyserver, so if you get it from a 
keyserver, I did not send it there... and will not send it there either.

	Michel
