Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 06-03-2009, 05:22 AM   #1
LQ Newbie
Registered: Jun 2009
Distribution: Debian 4.0
Posts: 2

Rep: Reputation: 0
samhain prelude sensor - interface bind fails

OS: Debian 4.0
samhain: 2.5.5

Hi there,

need to bind my samhain sensor to send on specific interface. samhain is bound to XX.XX.XX.XX and works fine with yule server ( which is also prelude-manager ).

Tcpdump shows that prelude trys to reach prelude-manager while sending from another addr on Client lets call it YY.YY.YY.YY.

Question: Is there any known way to bind my prelude sensor to a fixed IP addr. Search on ids-prelude website/documentation returned nothing useful.

Thanks for help and regards,

Old 06-28-2009, 11:22 AM   #2
LQ Newbie
Registered: Jun 2009
Posts: 5

Rep: Reputation: 0
Just to make sure I understand, you wish to specify the default server IP address for the prelude client correct? If so, you can accomplish this by modifying /etc/prelude/default/client.conf and specifying the server-addr directive. If it is the bindings for the prelude manager, that can be accomplished by changing the listen directive in /etc/prelude-manager/prelude-manager.conf.

Hope that helps.

Jon Hannah
Sr. Network Engineer
Old 06-30-2009, 02:40 AM   #3
LQ Newbie
Registered: Jun 2009
Distribution: Debian 4.0
Posts: 2

Original Poster
Rep: Reputation: 0

I want to bind my sensor to a specific IP Address on my sensor ( prelude client box ) so it sends to the prelude manager with the same IP Address all the time ( firewalling issues ).



binding, samhain

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
How many IP can we bind on a single eth0 interface husainar Linux - Networking 9 05-19-2009 11:00 AM
Bind to interface OR how to ignore routing jantman Linux - Networking 1 04-01-2009 10:16 AM
Bind gui interface bdavide Linux - Newbie 5 06-15-2008 09:12 AM
GUI/Web Interface for BIND 9 Kholnuu Linux - Software 4 02-21-2005 03:24 PM
rsyncd bind to a interface Greenpie Linux - Networking 1 10-22-2004 08:34 AM

All times are GMT -5. The time now is 02:01 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration