Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 17 Aug 2006 10:01:50 -0500
From:      Paul Schmehl <pauls@utdallas.edu>
Cc:        ports@freebsd.org
Subject:   Re: ossim patch for snort
Message-ID:  <44E484DE.4090905@utdallas.edu>
In-Reply-To: <20060817143647.GA90028@atarininja.org>
References:  <18824198.1155810153705.JavaMail.root@ps22> <20060817143647.GA90028@atarininja.org>

next in thread | previous in thread | raw e-mail | index | archive | help
This is a cryptographically signed message in MIME format.

--------------ms040607090900040609020509
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Wesley Shields wrote:
> On Thu, Aug 17, 2006 at 12:22:33PM +0200, ilreds@tiscali.it wrote:
>> Hi,
>> I need use ossim (www.ossim.net), a security tool that provides patch 
>> for snort, ntop, arpwatch, tcptrack, base, ecc.
>>
>> Can you apply ossim patch to the snort port?
> 
> You sent me the same message but asking me to apply the patch to the
> ntop port.  As I told you in my reply I don't think ossim provides
> patches to the various applications but rather bundles them all together
> with some glue and a web front end.  If anything there should be an
> ossim port.
> 
> Of course, this is all from a 5 minute glance through the webpage you
> linked to so I could be entirely wrong.  If anyone has the time to port
> ossim I'm sure it would be appreciated by the original poster.
> 
If someone wants to tackle an ossim port, they will first have to create 
a port for spade.  Then, after the spade port has been accepted into the 
ports tree, they can create the ossim port.  The ossim website doesn't 
even provide any links to spade, or any of the other applications it 
uses, nor does it provide instructions on how they integrate into ossim.

Once you've gotten spade accepted, you'll have to deal with a a boatload 
of dependencies and options to get the port working as the end-users 
will expect.  You'll have to check for, and install if necessary, 
arpwatch, p0f, pads, nessus, snort, mysql, spade, tcptrack, ntop, nagios 
and possibly osiris.

I've been down this road before.  I decided to build ports for sguil.  I 
first had to port barnyard and sancp and fix the iwidgets port (so I 
became maintainer.)  The sguil ports are *still* not in the ports tree, 
and I started this project well over a year ago.  I actually had to 
scrap my original sguil ports because sguil had a major revision before 
any of them were accepted.

That's what you face if you want to port ossim.

Good luck.

-- 
Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

--------------ms040607090900040609020509
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIPTjCC
A9gwggNBoAMCAQICEEHsHz2nFAeWxPbVDN3RD2UwDQYJKoZIhvcNAQEFBQAwgcExCzAJBgNV
BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMiBQdWJs
aWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykg
MTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4XDTk5MDMzMTAwMDAwMFoXDTA5MDMzMDIzNTk1
OVowgeoxJzAlBgNVBAoTHlRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIFN5c3RlbTEfMB0GA1UE
CxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazE7MDkGA1UECxMyVGVybXMgb2YgdXNlIGF0IGh0
dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEgKGMpOTkxMjAwBgNVBAsTKUNsYXNzIDIgQ0Eg
LSBPblNpdGUgSW5kaXZpZHVhbCBTdWJzY3JpYmVyMS0wKwYDVQQDEyRUaGUgVW5pdmVyc2l0
eSBvZiBUZXhhcyBhdCBEYWxsYXMgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL/q
74frHgrBAPkiEcHRwczbetq+NtJwYDBg5RngUy819MmoKQXW3j2d8waaZH2+0YdUeJv/onjx
+4erw/yHTMJJQQ3hwNKl1/x+/0JRTnTzAdVoc6VdBDH45iklY6gjmkRqgYsPsDnx79tGWMO6
uM9L83rBokmVgyNDupsajzKFAgMBAAGjgaUwgaIwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMT
EVByaXZhdGVMYWJlbDEtMTQwMBEGCWCGSAGG+EIBAQQEAwIBBjBEBgNVHSAEPTA7MDkGC2CG
SAGG+EUBBwEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9SUEEw
DwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEFBQADgYEAUwm13LK2
idEgUIPJOHncyAiySb+4U4Nvisyy5Hp8/KPoD19hXl+XBJUSWtKVASLxvO3xVLZUplQYoZ1U
vAZpBMcCITeigjmIp6ygn+iDGV2SSDkaWYIkIEO8hpUS3IN04ebjE75qpIcAMTEjByWbr7os
UZEOWaajF4jStM5UFxwwggVzMIIE3KADAgECAhAdMJQ44vbY+scnxppFEtDAMA0GCSqGSIb3
DQEBBAUAMIHqMScwJQYDVQQKEx5UaGUgVW5pdmVyc2l0eSBvZiBUZXhhcyBTeXN0ZW0xHzAd
BgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBh
dCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTk5MTIwMAYDVQQLEylDbGFzcyAy
IENBIC0gT25TaXRlIEluZGl2aWR1YWwgU3Vic2NyaWJlcjEtMCsGA1UEAxMkVGhlIFVuaXZl
cnNpdHkgb2YgVGV4YXMgYXQgRGFsbGFzIENBMB4XDTA2MDcyMTAwMDAwMFoXDTA3MDcyMTIz
NTk1OVowgfQxJzAlBgNVBAoUHlRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIFN5c3RlbTEtMCsG
A1UECxQkVGhlIFVuaXZlcnNpdHkgb2YgVGV4YXMgYXQgRGFsbGFzIENBMUYwRAYDVQQLEz13
d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTIEluY29ycC4gYnkgUmVmLixMSUFCLkxU
RChjKTk5MRgwFgYDVQQLFA9NYWlsIFN0b3AgLSBVVEQxFTATBgNVBAMTDFBhdWwgU2NobWVo
bDEhMB8GCSqGSIb3DQEJARYScGF1bHNAdXRkYWxsYXMuZWR1MIGfMA0GCSqGSIb3DQEBAQUA
A4GNADCBiQKBgQCrBVCMoEwZGjvluL0Zlb//jU6SQzTT3WoQv6lEUYtCHflUzW6KIs6V5lGD
I8c+qq9E6dkyK9mzpLFFOpuGuHqHghUEOIL5ItYRIui9znBYtVgKoJmx+Q2B4iS2M1yGDa1a
hbMHtSX39s3vbjv1Dna7ouh3ZmPFgO2hYpdGGIYApQIDAQABo4ICDDCCAggwCQYDVR0TBAIw
ADAdBgNVHREEFjAUgRJwYXVsc0B1dGRhbGxhcy5lZHUwggEkBgNVHSAEggEbMIIBFzCCARMG
C2CGSAGG+EUBBwEGMIIBAjArBggrBgEFBQcCARYfaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
L3JwYS1rcjCB0gYIKwYBBQUHAgIwgcUagcJOT1RJQ0U6IFByaXZhdGUga2V5IG1heSBiZSBy
ZWNvdmVyZWQgYnkgVmVyaVNpZ24ncyBjdXN0b21lciB3aG8gbWF5IGJlIGFibGUgdG8gZGVj
cnlwdCBtZXNzYWdlcyB5b3Ugc2VuZCB0byBjZXJ0aWZpY2F0ZSBob2xkZXIuICBVc2UgaXMg
c3ViamVjdCB0byB0ZXJtcyBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhLWtyIChj
KTk5LjARBglghkgBhvhCAQEEBAMCB4AwdQYDVR0fBG4wbDBqoGigZoZkaHR0cDovL29uc2l0
ZWNybC52ZXJpc2lnbi5jb20vVGhlVW5pdmVyc2l0eW9mVGV4YXNTeXN0ZW1UaGVVbml2ZXJz
aXR5b2ZUZXhhc2F0RGFsbGFzQ0EvTGF0ZXN0Q1JMLmNybDALBgNVHQ8EBAMCBSAwHQYDVR0l
BBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMA0GCSqGSIb3DQEBBAUAA4GBADXwtwprdba6Q09c
Guq5Fe8UR5PsRXpC/D+zXhGswIv3AqUy/Osm1j9KRhrioInQqnVQUOl/zLL5GSvKJZHdzCap
bVSdELy2pgb7x2iM+6awFX3yjs0bhlGOmakYsPorCGIX/Ff96PfFGQgFz3EOWBFYSsior8ZW
NlXVIdcGqqC4MIIF9zCCBWCgAwIBAgIQRwBAwrEtuPEMlwm1Xz1jAjANBgkqhkiG9w0BAQQF
ADCB6jEnMCUGA1UEChMeVGhlIFVuaXZlcnNpdHkgb2YgVGV4YXMgU3lzdGVtMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0
cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYyk5OTEyMDAGA1UECxMpQ2xhc3MgMiBDQSAt
IE9uU2l0ZSBJbmRpdmlkdWFsIFN1YnNjcmliZXIxLTArBgNVBAMTJFRoZSBVbml2ZXJzaXR5
IG9mIFRleGFzIGF0IERhbGxhcyBDQTAeFw0wNjA3MjEwMDAwMDBaFw0wNzA3MjEyMzU5NTla
MIH0MScwJQYDVQQKFB5UaGUgVW5pdmVyc2l0eSBvZiBUZXhhcyBTeXN0ZW0xLTArBgNVBAsU
JFRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIGF0IERhbGxhcyBDQTFGMEQGA1UECxM9d3d3LnZl
cmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJlZi4sTElBQi5MVEQoYyk5
OTEYMBYGA1UECxQPTWFpbCBTdG9wIC0gVVREMRUwEwYDVQQDEwxQYXVsIFNjaG1laGwxITAf
BgkqhkiG9w0BCQEWEnBhdWxzQHV0ZGFsbGFzLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALhs8O1TDnZOvdnDqje3YRFfXgqsZTdAy20jvGX+cWIMlGZqbDIFGu0eTyep
ircIUposx7ngZzzSmo+p91PSgzDC8pF9Riy+aHoME9LEbP6UTnLURuYTyn+GeKzWEuxswFBl
p9s5VFMToiT6jA0xBcek4D2ZvzoRLuNu4cbo12n8rKN/zkrcrqJtZCmIMbzWdMHpJ5S84WYZ
j204WonJP6uxp1CSnR1cFC8oPSb8kRpoEzx8UYX9cbpC4usm4ITsxeKnUKHHEXYpY2bJTz6l
oPM5NlMpx3TklslVX/VwXIP9tPPfWp0aPw4N3dlJXa4M8UuKZZiZGXpjr8a3GCHQ0wsCAwEA
AaOCAgwwggIIMAkGA1UdEwQCMAAwHQYDVR0RBBYwFIEScGF1bHNAdXRkYWxsYXMuZWR1MIIB
JAYDVR0gBIIBGzCCARcwggETBgtghkgBhvhFAQcBBjCCAQIwKwYIKwYBBQUHAgEWH2h0dHBz
Oi8vd3d3LnZlcmlzaWduLmNvbS9ycGEta3IwgdIGCCsGAQUFBwICMIHFGoHCTk9USUNFOiBQ
cml2YXRlIGtleSBtYXkgYmUgcmVjb3ZlcmVkIGJ5IFZlcmlTaWduJ3MgY3VzdG9tZXIgd2hv
IG1heSBiZSBhYmxlIHRvIGRlY3J5cHQgbWVzc2FnZXMgeW91IHNlbmQgdG8gY2VydGlmaWNh
dGUgaG9sZGVyLiAgVXNlIGlzIHN1YmplY3QgdG8gdGVybXMgYXQgaHR0cHM6Ly93d3cudmVy
aXNpZ24uY29tL3JwYS1rciAoYyk5OS4wEQYJYIZIAYb4QgEBBAQDAgeAMHUGA1UdHwRuMGww
aqBooGaGZGh0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29tL1RoZVVuaXZlcnNpdHlvZlRl
eGFzU3lzdGVtVGhlVW5pdmVyc2l0eW9mVGV4YXNhdERhbGxhc0NBL0xhdGVzdENSTC5jcmww
CwYDVR0PBAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMEBggrBgEFBQcDAjANBgkqhkiG9w0B
AQQFAAOBgQA9UGpjcqqUOiW6cyNOH+jckkXIyLRSQtaQ0ykn1lelyR5U0bmcdj7PIcmRbxZn
PFzqL6YPmxgN8hKHZhViuGivIRamwmD62JMXmJz1Py8pIxHsRJyXu7sz+D9KtM19zMAzNicz
m3WBkXrdi6+QqWJum0sAAwJ1OaQf9AR8DU1HADGCBQgwggUEAgEBMIH/MIHqMScwJQYDVQQK
Ex5UaGUgVW5pdmVyc2l0eSBvZiBUZXhhcyBTeXN0ZW0xHzAdBgNVBAsTFlZlcmlTaWduIFRy
dXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJp
c2lnbi5jb20vcnBhIChjKTk5MTIwMAYDVQQLEylDbGFzcyAyIENBIC0gT25TaXRlIEluZGl2
aWR1YWwgU3Vic2NyaWJlcjEtMCsGA1UEAxMkVGhlIFVuaXZlcnNpdHkgb2YgVGV4YXMgYXQg
RGFsbGFzIENBAhBHAEDCsS248QyXCbVfPWMCMAkGBSsOAwIaBQCgggLdMBgGCSqGSIb3DQEJ
AzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA2MDgxNzE1MDE1MFowIwYJKoZIhvcN
AQkEMRYEFFKBCwW1z+pRGiE8MvBkzzN/XrewMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcN
AwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMC
AgEoMIIBEQYJKwYBBAGCNxAEMYIBAjCB/zCB6jEnMCUGA1UEChMeVGhlIFVuaXZlcnNpdHkg
b2YgVGV4YXMgU3lzdGVtMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYD
VQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYyk5
OTEyMDAGA1UECxMpQ2xhc3MgMiBDQSAtIE9uU2l0ZSBJbmRpdmlkdWFsIFN1YnNjcmliZXIx
LTArBgNVBAMTJFRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIGF0IERhbGxhcyBDQQIQHTCUOOL2
2PrHJ8aaRRLQwDCCARMGCyqGSIb3DQEJEAILMYIBAqCB/zCB6jEnMCUGA1UEChMeVGhlIFVu
aXZlcnNpdHkgb2YgVGV4YXMgU3lzdGVtMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3
b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
L3JwYSAoYyk5OTEyMDAGA1UECxMpQ2xhc3MgMiBDQSAtIE9uU2l0ZSBJbmRpdmlkdWFsIFN1
YnNjcmliZXIxLTArBgNVBAMTJFRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIGF0IERhbGxhcyBD
QQIQHTCUOOL22PrHJ8aaRRLQwDANBgkqhkiG9w0BAQEFAASCAQAsJfxeaiIpmW0g8SSQE53E
InhZgz8Deu85+zlGc6qYG+GNBuCRfCYS632r4aQsRXycEUfQfsp6Tw5tNhbZJx19tQSVK34e
Kq7KsvNPnPTHU7vnBLFAkNevdkGFpW6OCCf0laL4IRSPsH02dCTENtq0t/40H5xrYfkDcble
VWTlPsJ3g/cb9DKXWH/ftjM1OKtkbAB9nDgdCMfgVs9g46VpJfNt2PrFTIDwr7g7Y8QZScRG
WaSTAz2S+UsrMQX21wDUfFJ5KI7Xq9HDSxhUcs3PUP6clXTa/NnI5cOM0GE2JINvAmmHrDps
kMWr896e0gRBlvlR3ihK640BSQefI/gCAAAAAAAA
--------------ms040607090900040609020509--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44E484DE.4090905>