[Oisf-users] Smooth-Sec is out, the beauty of Snorby and the power of Suricata. The ready to-go IDS/IPS linux distribution.

Pablo pablo.rincon.crespo at gmail.com
Thu Mar 10 15:53:39 UTC 2011


Good Work Phillip :)

Victor has a point, prebuilt PF_RING support is a good suggestion.
Some other suggestions/questions btw:
- If you haven't yet, add nfqueue so that fewer steps are needed to run
it as IPS (it's not mentioned on the project description webpage).
- Do you include any rule updater/manager? (e.g. oinkmaster or any
other out there).

-- 

Best regards,

--
Pablo Rincón Crespo
Security researcher and developer
Open Information Security Foundation - http://www.openinfosecfoundation.org
Emerging Threats Pro, INC - http://www.emergingthreatspro.com
------------------------------------

2011/3/10 Victor Julien <victor at inliniac.net>:
> Nice work Phillip! Does the Suricata version you included have PF_RING
> enabled? Saves people the effort of compiling the kernel module and userland.
>
> Cheers,
> Victor
>
> On 03/10/2011 04:23 PM, phillip at bailey.st wrote:
>>
>>
>> Today I'm pleased to announce the release of Smooth-Sec, the ready-to-go
>> IDS/IPS Linux distribution.
>>
>> Smooth-Sec is a ready-to-go IDS/IPS (Intrusion Detection/Prevention
>> System) Linux distribution based on the multi-threaded Suricata IDS/IPS
>> engine and Snorby, the top-notch web application for network security
>> monitoring. Smooth-Sec is built on Ubuntu 10.04 LTS using the TurnKey
>> Core base as development platform. Functionality is the key point that
>> allows a complete IDS/IPS system to be deployed, up and running out of
>> the box within a few minutes, even for security beginners with minimal
>> Linux experience.
>>
>>
>> This project is not intended in any way to compete with Snorby and its
>> team. It is my wish to maintain the cooperation that we have had in the
>> past months with the exciting work on SnorbySPA. It is also my wish
>> to cooperate with the Suricata team in the next developments.
>>
>> website http://bailey.st/blog/smooth-sec/
>>
>>
>>
>> Regards,
>>
>> Phillip
>>
>
>
> --
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------