Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Snort+acid is very very nice. Also, snort can log to a postgre or mysql database. You can then write some php to pull all the data from the db and display it on a page.
I actually already have some php scripts written for them. if you are interested....
Demarc is really nice, and cake to install, you just need a machine w/o a web+sql server because the default install drops them in for you. It's not free for commercial use though..
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,609
Rep:
If you are talking about the BB that can be found at http://www.bb4.com then yes it is very good. It's not an IDS though, it's a network monitoring system.
To piggyback on this discussion. I'm looking for the same solution for my home network that consists of a w2k server and linux server ver7.3 also w/dsl. I attempted to install the win version of puresecure on my w2k web server running apache/mysql & php. the install went good until I went to start the service. Afterwards it gave me the following:
PureSecure Installation and Setup complete.
You will need to map the following virtual paths to their installation paths in your IIS webserver before you can login to the PureSecure Console:
/Demarc -> c:\PureSecure\console\cgi
/dm_images -> c:\PureSecure\console\images
/Demarc should have "Scripts and Exectubales" enabled, but *no* "Read" permission.
/dm_images should have "Read" permissions, but no "Execute" permissions.
The first problem is that I'm running Apache instead of IIS, and all of those services are stopped. So I'm assuming I'll need to modify the httpd.conf file, but I'm not how to.
Can anyone assist with this? Since I wasn't using the linux server as a web server I wasn't sure about installing it there. So I placed it on my web server, which just happens to be w2k. Anyone know if running this on a standalone linux server that won't be running as a web server will be a problem?
Sorry mate, can't help you on this one, I installed puresecure on linux side, I did what I was told to do - removed my current apache (backed up everything of course), removed MySQL ( I didn't even used that before, it was there for "later" use), ran ./configure script for PureSecire, it installed everything, upgraded openssl - it tends to install openssl version which is a little bit outdated, and now I have a fully functional (almost) IDS, gotta work some rules for snort though - whenever I go on the net and fire up my browser to surf the net I am getting a port scan alert in my logs telling me that my IP has port scanned whoever I point my browser to, LQ, etc.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.