Snort mailing list archives

Re: HELP ON SNORT

From: Eric G <eric () nixwizard net>
Date: Mon, 30 Jan 2012 19:21:07 -0500

On 01/29/2012 11:49 PM, Jeremy Hoel wrote:

And yeah, I get that it can be installed and not run as a LiveCD, but
your Organization still has to support the base OS. So if it's Ubuntu
you might have an issue with some of the DoD types as they are all pro
RedHat/Cent.  Then there's the update scripts, security checks, etc.
It's not that it can't be done, it's just that it's not the right tool
for that option.  I know it's worked great for you and I think it's a
fantastic learning tool.  A lot of people talk very highly about it.


Well, the thing with DoD types and Linux distributions is that there are 
DoD mandates that all software have a support contract, and many DoD 
shops (well, the ones I've worked in anyway) already have a RedHat 
support license. It's less of an inherent bias and more of a "path of 
least resistance" thing (that's how I looked at it anyway). The "skids 
were already greased" for RedHat in the shops I've worked in.

If you guys are serious about getting into the DoD space, have a look at 
the STIGs (Security Technical Implementation Guides) at 
http://iase.disa.mil specifically 
http://iase.disa.mil/stigs/os/unix/red_hat.html - those are the nitty 
gritty technical requirements one faces when they want to stand a box up 
in a DoD environment.

It kind of ends up being easier to buy "appliances" instead of building 
servers in DoD because of the STIGs, unless you have the technical 
talent on staff to STIG boxes and maintain them... again, not bias, just 
"path of least resistance"

--
Eric

------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Re: HELP ON SNORT, (continued)
- - - Re: HELP ON SNORT Dustin Webber (Jan 30)
    - Re: HELP ON SNORT beenph (Jan 30)
    - Re: HELP ON SNORT Martin Holste (Jan 30)
    - Re: HELP ON SNORT Dustin Webber (Jan 30)
    - Re: HELP ON SNORT Carney, Megan (Jan 30)
    - Re: HELP ON SNORT Rich Graves (Jan 31)
    - Re: HELP ON SNORT Jeremy Hoel (Jan 29)
    - Re: HELP ON SNORT Scott Runnels (Jan 29)
    - Re: HELP ON SNORT Jeremy Hoel (Jan 29)
    - Re: HELP ON SNORT Heine Lysemose (Jan 29)
    - Re: HELP ON SNORT Eric G (Jan 31)
    - Re: HELP ON SNORT Kimi Ushida (Jan 30)
- help on snort Jagan Mohan Reddy D (Feb 03)
  - Re: help on snort Jefferson Diego Gomes Rosa (Feb 03)
- help on snort Jagan Mohan Reddy D (Mar 03)
  - Re: help on snort Joel Esler (Mar 04)