Thread: NIDS just got a lot easier

  1. #1
    Join Date
    Aug 2008
    Beans
    Hidden!

    NIDS just got a lot easier

    SecurityOnion has been out for a while now, but it's about to get even easier:

    http://www.youtube.com/watch?v=mazSRVFYmLQ

    No sense in installing Snort to get alerts you can't do much with because of the lack of information, when you can just as easily install SecurityOnion and have the data you need to investigate the alerts.

  2. #2
    cprofitt is offline νόησις νοήσεως - nóesis noéseos
    Join Date
    Oct 2006
    Location
    平静
    Beans
    1,445
    Distro
    Ubuntu Development Release

    Re: NIDS just got a lot easier

    Nice -- going to have to set that up soon.

  3. #3
    Join Date
    Apr 2006
    Location
    Montana
    Beans
    Hidden!
    Distro
    Kubuntu Development Release

    Re: NIDS just got a lot easier

    Nice video. I agree, would be nice to port the tools to rpm systems. IMO if you can package a .deb you can package a .rpm =)
    There are two mistakes one can make along the road to truth...not going all the way, and not starting.
    --Prince Gautama Siddharta

    #ubuntuforums web interface

  4. #4
    Join Date
    Feb 2010
    Location
    U.K.
    Beans
    782
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: NIDS just got a lot easier

    Interesting presentation and certainly a useful amalgamation of tools. It seems very much aimed at securing/monitoring a corporate's network traffic. The casual dismissal of the cost of storing pcap data and spinning up endless snort instances is a little worrying, but I suppose it is not intended to scale up to, say, telco levels of traffic.
