Snort, IDS, Firewall
It would be nice to see some sort of Perfect Server setup with the very bare minimum install of an os (deb or ubuntu server) with and IDS setup (snort with the addition of Snorby frontend, barnyard2, suricata and pulled pork) as well as a configurable firewall (IPCop, etc) and webfilter (squid) rolled into one install. The detailed tutorials on the web are somewhat outdated.
Hopefully someone out there can shed some light. :)
Due to the number of views, I figured I would post something that I have found recently and am currently using.
Great distribution with amazing tools already installed so you don't run into what I kept finding trying to get snort/snorby/pulled pork installs (dependency nightmare). This is not a complete solution as previously posted, but it does work very well for the IDS and reporting side.
neofire did a nice tutorial for this here:
pfSense - Squid + Squidguard / Traffic Shapping Tutorial
The tutorial could be adapted to include snort as well for the IDS. Major thanks for this gem !
|All times are GMT +2. The time now is 20:41.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.