FYI: Snort appears to be running (sensor is active) on my server and it has worked in the past. However, sometimes when I go to the Snort activity console I get a blank page and "null </fo" appears at the top of the page. This doesn't happen all the time, but just thought I'd mention this. Will
Hi, I see the option: Import/Update Rules -> Update from Internet, but I see always :"No update this time .". Is there any conf parameter to setup for this feature? Thanks again. Alessandro ------ Original Message ----- Alessandro, Open Snort Center and look under the "Admin Menu", all the options are available there. Thanks, Michael -----Original Message----- From: Alessandro Agostini <A.Agostini at ifac.cnr.it> Sent: Mar 29, 2004 7:15 AM To: sentinix at elevenprospect.com Subject: [sentinix-list] Snort rules Hi, Sentinix is GREAT! Now, there is a automatic procedure for snort rules update? I see all the rules in snort.eth0.conf file, and so I think that is necessary a script to download ther new rules and include in it. Can you help me?(Continue reading)
Has anyone ever looked at using ossim with sentinix? It seems it would fit right in. -- -- *:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:* Chris Locke http://StageOfBattle.org *:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*
"Open Source Software Image Map project"????? What does that have to do with Network Management? I'd love to hear how you think it fits right in with Sentinix. -----Original Message----- From: sentinix-bounces@... [mailto:sentinix-bounces@...]On Behalf Of Chris Locke Sent: Thursday, April 01, 2004 11:03 AM To: sentinix@... Subject: [sentinix-list] ossim Has anyone ever looked at using ossim with sentinix? It seems it would fit right in. -- -- *:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:* Chris Locke http://StageOfBattle.org *:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:* _______________________________________________ SENTINIX mailing list SENTINIX@... http://elevenprospect.com/mailman/listinfo/sentinix
Sorry for top posting... I think he means this one. This is an excerpt from packetstorm: Os-sim attempts to unify network monitoring, security, correlation, and qualification in one single tool. It combines Snort, Acid, MRTG, NTOP, OpenNMS, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security. Supported platform is Linux. Changes: Serious bug fixes. Homepage: http://sourceforge.net/projects/os-sim/. By Dominique Karg, David Gil, Fabio Ospitia Trujillo, Julio Casal, Jesus D. Munoz http://www.ossim.net/ Gene <snip> "Open Source Software Image Map project"????? What does that have to do with Network Management? I'd love to hear how you think it fits right in with Sentinix. -----Original Message----- From: sentinix-bounces@... [mailto:sentinix-bounces@...]On Behalf Of Chris Locke Sent: Thursday, April 01, 2004 11:03 AM To: sentinix@... Subject: [sentinix-list] ossim Has anyone ever looked at using ossim with sentinix? It seems it would fit right in.(Continue reading)
OK, that makes a little more sense. Sorry. I think I've looked at this before. Doesn't it seem more like a replacement for Sentinix? -----Original Message----- From: sentinix-bounces@... [mailto:sentinix-bounces@...]On Behalf Of Yoo, Gene Sent: Thursday, April 01, 2004 11:13 AM To: The SENTINIX Mailing List Subject: RE: [sentinix-list] ossim Sorry for top posting... I think he means this one. This is an excerpt from packetstorm: Os-sim attempts to unify network monitoring, security, correlation, and qualification in one single tool. It combines Snort, Acid, MRTG, NTOP, OpenNMS, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security. Supported platform is Linux. Changes: Serious bug fixes. Homepage: http://sourceforge.net/projects/os-sim/. By Dominique Karg, David Gil, Fabio Ospitia Trujillo, Julio Casal, Jesus D. Munoz http://www.ossim.net/ Gene <snip> "Open Source Software Image Map project"????? What does that have to do with Network Management? I'd love to hear how you think it fits right in with Sentinix.(Continue reading)
Hello, Has anyone had success getting NetDisco running on Sentinix? http://www.netdisco.org Henry This E-mail message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply E-mail, and destroy all copies of the original message.
Sorry guys I should have posted a link. It is the open source security information management. http://www.ossim.net/ I don't really think it's a replacement. It just adds to it. I have just started playing with ossim, but it seems to be good at gathering data from snort/acid, ntop, nessus, and nmap, and giving you a centralized front end for keeping track of the data. It would be something cool to go along with nagios. Like I said though I have just started playing with it and am still trying to get it all figured out. I have it on a fedora box right now and once I get used to it may throw it on my sentinix box. I will post back if it does indeed seem to play nice with sentinix. I was really just curious if anybody else had already done this. -- -- *:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:* Chris Locke http://StageOfBattle.org *:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:* On Thu, 2004-04-01 at 11:16, Terkanian, Greg wrote: > OK, that makes a little more sense. Sorry. I think I've looked at this before. Doesn't it seem more like a replacement for Sentinix? > > > -----Original Message----- > From: sentinix-bounces@...(Continue reading)
Hey! Ossim looks *really* cool. This is definitely something I'll be testing out, correlation between snort, nessus, et al. is *exactly* what information security professionals need in order to understand the big picture. The website mentions that Ossim detects anomolies from collected data in a coordinated manner... it really doesn't seem to be able to get any better than this! Get AlertCon in your private network! Exactly how it's supposed to be! Thanks Chris Locke for bringing this to my attention! :) Michel On Thursday 01 April 2004 19:30, Chris Locke wrote: > Sorry guys I should have posted a link. It is the open source security > information management. > > http://www.ossim.net/ > > I don't really think it's a replacement. It just adds to it. I have just > started playing with ossim, but it seems to be good at gathering data > from snort/acid, ntop, nessus, and nmap, and giving you a centralized > front end for keeping track of the data. It would be something cool to > go along with nagios. > > Like I said though I have just started playing with it and am still > trying to get it all figured out. I have it on a fedora box right now > and once I get used to it may throw it on my sentinix box. I will post > back if it does indeed seem to play nice with sentinix. I was really > just curious if anybody else had already done this.(Continue reading)
You can all get my pubkey from http://sentinix.org/pubkey_michel.asc You can confirm the fingerprint at the bottom of the front page -> http://sentinix.org/ IMPORTANT! I have not sent my pubkey to a keyserver, so if you get it from a keyserver, I did not send it there... and will not send it there either. Michel
RSS Feed18 | |
|---|---|
10 | |
16 | |
19 | |
20 | |
24 | |
32 | |
56 | |
68 | |
49 | |
69 | |
258 | |
74 |
