Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 23 replies
  • Subscribers 3 subscribers
  • Views 8992 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intrusion Detection

Ton
Are there any plans for Astaro to interact with an intrusion detection system? 


This thread was automatically locked due to age.
  • 0 in reply to Vertigo1
    You don't have to compile it. There are statically compiled snort 2.0.2 binaries on the net. The one at honeynet.org is an "inline" version but that just means you can use the -Q option. Without it, it will work just like "regular" snort. 
  • 0 in reply to JimmyM
    [ QUOTE ]
    The fixed IP is because you want to define the HOME_NET variable in the snort.conf as the IP of your external interface so it ignores broadcast traffic or other traffic not destined for your machine.  

    [/ QUOTE ]

    You can use:-

    var HOME_NET $eth0_ADDRESS

    For a dynamic assigned ip address in snort.conf.

    Regards

    Colin  
  • 0 in reply to ColinT
    That's true but how often is it updated? If the DSL connecttion is dropped and reconnected, does snort have to be restarted?