IDS mailing list archives
Release of Shadow/Snort IDS version 3.1
From: Guy Bruneau <seeker () whitehats ca>
Date: Tue, 26 Aug 2003 19:34:20 -0400
This is to announce the release of Shadow/Snort IDS version 3.1. This package is released under the GNU software.

Here are some of the features of Shadow/Snort IDS 3.1:

- Hardened OS based on Slackware 9.0.0
- Linux kernel 2.4.21
- Trimmed down OS (~150 MB) and automatically runs the Shadow and Snort sensors after installation
- Minimal user installation and configuration
- Has no compiler and OpenSSH is the only external service
- Can only be accessed via OpenSSH (deny all access by default)
- Can search the sensor logs with a multi-day Perl script without the aid of an Analyzer. More information on how to use this feature is available on the installation sheet.
- Can search the sensor logs with a multi-day Perl script using Ngrep with a combination of strings and BPF filters. Additional information on how to use this feature is available on the installation sheet.
- See the release note directory for the installation sheet (install.pdf).
- Built with NSWC's Shadow version 1.8
- Built with Snort IDS version 2.0.1
- Built with Ngrep 1.41.0
- Snort can monitor multiple interfaces with the use of the Snort configuration scripts.
- Included slackupdate.sh script to maintain Slackware patches
- Included Snort's oinkmaster.pl script to update Snort signatures.
- A FAQ is located on the CD in the release note directory

The complete installation process is located at:
http://www.whitehats.ca/main/members/Seeker/seeker_shadow_IDS/seeker_shadow_ids.html

The ISO can be downloaded at:
http://www.whitehats.ca/downloads/ids/shadow-slack/shadow.iso

The MD5 signature for the Shadow ISO image is located at:
http://www.whitehats.ca/downloads/ids/shadow-slack/shadow.md5

References:
Shadow IDS at: http://www.nswc.navy.mil/ISSEC/CID/
Snort at: http://www.snort.org
Current thread:
- Release of Shadow/Snort IDS version 3.1 Guy Bruneau (Aug 27)