Snortsam 2.33 & CHX-I or 8signs

Discussion in 'other firewalls' started by Jazzie1, Jul 11, 2005.

Thread Status:
Not open for further replies.
  1. Jazzie1

    Jazzie1 Registered Member

    Joined:
    Dec 5, 2003
    Posts:
    174
    Hi All!

    Frank Knobbe over at Snortsam, decided to release another version of Snortsam (2.33)! It has various fixes to the source code, not to mention a CHX-I plugin fix, that addressed the logging option to be passed correctly! You can find more info at:

    Snortsam

    Regards
    Jazzie
     
    Last edited: Jul 11, 2005
  2. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    Jazzie,
    Does Snort and Snortsam work with dialup? I Googled this question but couldn't find an answer.
     
  3. Jazzie1

    Jazzie1 Registered Member

    Joined:
    Dec 5, 2003
    Posts:
    174
    Hi, Snort does, but would you really want to?? Snort and or Snortsam should be used in conjunction to protect a dedicated server! It isn't meant for workstations! Unless your intentions are something other...

    Regards
    Jazzie
     
  4. Syncman9

    Syncman9 Registered Member

    Joined:
    Jul 28, 2004
    Posts:
    113
    Location:
    UK
    Jazzie1,

    Your right, but it can be made to work on a workstation, but I'm not sure about with dial up. I've set it up on mine, but my connection is via ethernet.
     
  5. Jazzie1

    Jazzie1 Registered Member

    Joined:
    Dec 5, 2003
    Posts:
    174
    Syncman9-

    Yes it can for testing purposes/packet analyzing. Works rather well with an ethernet tap!:) I like the fact that Snortsam and CHX-I or even 8signs, will work as an auto-block IPS to monitor inbound traffic on a file server. I have a write-up for 8signs over at Snortsam.net:

    http://www.snortsam.net/files/snortsam-v2_multi-threaded/docs/README_8signs.rtf

    Which, can be easily be converted over to configure Snortsam & CHX-I!
    Just need to change a few variables in the script.

    Regards
    Jazzie
     
Thread Status:
Not open for further replies.