Page 9 of 31 FirstFirst ... 789101119 ... LastLast
Results 81 to 90 of 309

Thread: Intrusion Detection

  1. #81
    Join Date
    Jul 2005
    Beans
    11

    Re: Intrusion Detection

    Quote Originally Posted by bodhi.zazen View Post
    You have to install / configure ssl and apache :

    http://www.tc.umn.edu/~brams006/selfsign_ubuntu.html
    Thanks alot

  2. #82
    Join Date
    Jan 2009
    Beans
    11

    Re: Intrusion Detection

    is there any way to automatically import honeycomb signatures to snort ?
    thx

  3. #83
    Join Date
    May 2008
    Beans
    62

    Question Re: Intrusion Detection

    bodhi,
    I tried to follow your tutorial for protection, but for some reason the security level set from I believe compliance to enforce has blocked firefox 3. Is there a way to reverse this? Or clear the process and go back to the beginning?

  4. #84
    Join Date
    Apr 2006
    Location
    Montana
    Beans
    Hidden!
    Distro
    Kubuntu Development Release

    Re: Intrusion Detection

    Quote Originally Posted by menschtx View Post
    bodhi,
    I tried to follow your tutorial for protection, but for some reason the security level set from I believe compliance to enforce has blocked firefox 3. Is there a way to reverse this? Or clear the process and go back to the beginning?
    Are you asking about apparmor ?
    There are two mistakes one can make along the road to truth...not going all the way, and not starting.
    --Prince Gautama Siddharta

    #ubuntuforums web interface

  5. #85
    Join Date
    Apr 2006
    Location
    Montana
    Beans
    Hidden!
    Distro
    Kubuntu Development Release

    Re: Intrusion Detection

    Quote Originally Posted by menschtx View Post
    bodhi,
    I tried to follow your tutorial for protection, but for some reason the security level set from I believe compliance to enforce has blocked firefox 3. Is there a way to reverse this? Or clear the process and go back to the beginning?
    Are you asking about apparmor ?

    If so see the sticky on apparmor.

    sudo aa-complain firefox
    There are two mistakes one can make along the road to truth...not going all the way, and not starting.
    --Prince Gautama Siddharta

    #ubuntuforums web interface

  6. #86
    Join Date
    Mar 2009
    Beans
    36
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: Intrusion Detection

    I was just reading this tutorial and it says to use airsnort if you use wireless. When I go to the airsnort site it says that the project is dead. Is there an alternitive I should use? Thanks

  7. #87
    Join Date
    Dec 2006
    Beans
    216

    Re: Intrusion Detection

    Is there any way to verify that my database if being populated with data? I run snort -v, and I see it capturing data. I have also set up the database, and I see the tables in it. How do I run snort to push data to the database, and then what command do I run in the database to see the data just collected please? Oh btw, the bleeding rules url does not work. Does anyone have another link where these rules can be downloaded for snort2.8.3.2?

  8. #88
    Join Date
    Apr 2006
    Location
    Montana
    Beans
    Hidden!
    Distro
    Kubuntu Development Release

    Re: Intrusion Detection

    Quote Originally Posted by shahin View Post
    Is there any way to verify that my database if being populated with data? I run snort -v, and I see it capturing data. I have also set up the database, and I see the tables in it. How do I run snort to push data to the database, and then what command do I run in the database to see the data just collected please? Oh btw, the bleeding rules url does not work. Does anyone have another link where these rules can be downloaded for snort2.8.3.2?
    I use base to look at alerts generated by snort. You can look at mysql directly or what ever you wish.

    If you want to test it, hit your box (snort) with a port scanner.

    Snort does not, buy default, capture all packets. To do that use wireshark.
    There are two mistakes one can make along the road to truth...not going all the way, and not starting.
    --Prince Gautama Siddharta

    #ubuntuforums web interface

  9. #89
    Join Date
    Dec 2006
    Beans
    216

    Re: Intrusion Detection

    Thanks bodhi. Something else is puzzling me now. I am trying to download rules. So I right clicked on the "download" link for the rule, and selected "copy link location", then I move to xterm window, and pasted the clipboard content in front of wget and pressed return. All I get is a 10K file. I seem to be able to download the same file fine using the browser. Any idea?

  10. #90
    Join Date
    Dec 2006
    Beans
    216

    Re: Intrusion Detection

    I downloaded your script, and put it in the right directory, but when I run it I see the following error from snort:
    Code:
    Uh, you need to tell me to do something...
    
    Fatal Error, Quitting..
    Here is where the script is:
    Code:
    @thunder:/etc/init.d$ ls -al snort
    -r-x------ 1 root root 4077 2009-04-04 13:14 snort
    @thunder:/etc/init.d$
    I think the permissions and everything else is as you stated. I am not sure why I get this error.

Page 9 of 31 FirstFirst ... 789101119 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •