hi, i want to try snort. is it OK to use it with a standalone computer with kerio 2.1.5 on a ADSL PPP connexion? thanks :)

can someone tell me if i can use Snort on my PC? thanks :)

Hi,

Snort is a network intrusion detection system which is often used to audit a system in LAN/Private Network architecture or configuration.
But we could use it on a single PC.

With an integrated database of attacks, Snort can datect more of them (We may use Nessus for instance) and has also the ability to sniff suspicious packets.

If you have a little experience of network administration, it will not be difficult to use it.
If it's not the case, you'll surely have to take an apirin for the rules and configurations ;) .

There's others NIDS/IDS which are surely more easy to use.
One of my favourite is Samhain which integrated a powerfull integrity checkers:

http://la-samhna.de/samhain/

You could also take a look on the GFI site.

More informations:

*An intrusion detection FAQ:

http://www.sans.org/resources/idfaq/

*To run Snort on Windows:

http://www.sans.org/resources/idfaq/snort.php

Now it's time for me to play soccer...

Regards

-{ Quote: "Hi,

Snort is a network intrusion detection system which is often used to audit a system in LAN/Private Network architecture or configuration.
But we could use it on a single PC.

With an integrated database of attacks, Snort can datect more of them (We may use Nessus for instance) and has also the ability to sniff suspicious packets.

If you have a little experience of network administration, it will not be difficult to use it.
If it's not the case, you'll surely have to take an apirin for the rules and configurations ;) .

There's others NIDS/IDS which are surely more easy to use.
One of my favourite is Samhain which integrated a powerfull integrity checkers:

http://la-samhna.de/samhain/

You could also take a look on the GFI site.

More informations:

*An intrusion detection FAQ:

http://www.sans.org/resources/idfaq/

*To run Snort on Windows:

http://www.sans.org/resources/idfaq/snort.php

Now it's time for me to play soccer...

Regards" }-

Wow, thanks kareldjag 8) i think i'll download Samhain. i have been looking at integrity checkers the last few days, i even just downloaded fingerprint, but now i'll have alook at Samhain first. thanks for your help :)

Will Samhain run on windows? :-\

-{ Quote: "Will Samhain run on windows? :-\" }-
hi, Gerard :) this is from the page -
samhain is a multiplatform, open source solution for centralized file integrity checking / host-based intrusion detection on POSIX systems (Unix, Linux, Cygwin/Windows). It has been designed to monitor multiple hosts with potentially different operating systems from a central location, although it can also be used as standalone application on a single host.

Thanks Ice,

I found this link in the meantime:

http://la-samhna.de/samhain/HOWTO-samhain-on-windows.html

Cheers,

Gerard

-{ Quote: "Thanks Ice,

I found this link in the meantime:

http://la-samhna.de/samhain/HOWTO-samhain-on-windows.html

Cheers,

Gerard" }-
looks good, are you thinking of installing it too?

Iceni60,

I am not planning to install as long as I use XP ;)
Cheers,

Gerard

-{ Quote: "Iceni60,

I am not planning to install as long as I use XP ;)
Cheers,

Gerard" }-
OK, do you mean you think it isn't needed?

I think it is a bit overdone because you consider to install on a standalone machine. On the other hand it might be a nice tool to play with and learn a lot.

Gerard

-{ Quote: "I think it is a bit overdone because you consider to install on a standalone machine. On the other hand it might be a nice tool to play with and learn a lot.

Gerard" }-
yes, for me the main reason i wanted to install intrusion detection software was to learn abit more about networks, and i really like the sound of this one because, i need, and it has a file checker too.