Date: Sun, 05 Feb 2006 08:50:24 -0800 From: Drew Tomlinson <drew@mykitchentable.net> To: Paul Schmehl <pauls@utdallas.edu> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: SnortCenter2 on FBSD? Message-ID: <43E62CD0.2080505@mykitchentable.net> In-Reply-To: <51AF56669FDF276E587406DA@Paul-Schmehls-Computer.local> References: <43E4F01D.6030706@mykitchentable.net> <51AF56669FDF276E587406DA@Paul-Schmehls-Computer.local>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2/4/2006 10:53 AM Paul Schmehl wrote: > --On February 4, 2006 10:19:09 AM -0800 Drew Tomlinson > <drew@mykitchentable.net> wrote: > >> Is anyone using SnortCenter2 >> (http://sourceforge.net/projects/snortcenter2/) on FreeBSD? I see >> there's a Linux agent but not a FBSD. Maybe it works with FBSD Linux >> emulation? Not finding any docs on this via Google. Just looking for a >> little encouragement and direction before heading down this path. Any >> suggestions appreciated. >> > I just downloaded, unpacked and ran the installs on both parts (sensor > and console). > > They installed just fine. The sensor is written in perl and "knows > about" FreeBSD (but only up to version 5.0, which is a little > behind). During setup you'll be prompted for the OS you're using and > its version. It runs fine on my 5.4 box. > > The console is written in php and requires nothing more than creating > a directory, editing your httpd.conf file and running the setup > program through your web browser (if you don't already have your db > setup.) > > It doesn't look like there's much to it, but I've never used it, so I > can't really say how well it works or whether it's worthwhile. It > *does* use its own copy of webmin, and runs its own webserver on an > unprivileged port. I personally don't care for *any* tool that allows > admins to access a box through a web interface to do administrative > work, but that's personal preference. Your situation may be > completely different from mine, and your risk factors may be > completely different from mine. Thank you for your response. I'm running 6.0 but perl is perl so it shouldn't matter. I'll give it a try and post my results for the archives. Are you going to pursue using it any further even though it allows the admin access through a web interface? If you do, I'd be interested in your results. Thanks, Drew -- Visit The Alchemist's Warehouse Magic Tricks, DVDs, Videos, Books, & More! http://www.alchemistswarehouse.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43E62CD0.2080505>