
PaulDotCom mailing list archives

Re: Basic Setup of Security-Onion: Snort, Snorby, Barnyard, PulledPork, Daemonlogger
From: Antonios Atlasis <antonios.atlasis () gmail com>
Date: Wed, 18 Jan 2012 16:32:29 +0200

I'm using it mainly for traffic analysis of network flow data. I'll try the
tools that you are suggesting though.

Thanks for your reply and your interest.

Antonios

2012/1/17 Doug Burks <doug.burks () gmail com>

Hi Antonios,

What exactly do you use SiLK for?  You may be able to find the session
data you're looking for in other tools that already exist in Security
Onion such as SANCP, Argus, and Bro.

Thanks,
Doug

On Mon, Jan 16, 2012 at 2:24 PM, Antonios Atlasis
<antonios.atlasis () gmail com> wrote:
Thanks a lot for your reply, Doug,

I am looking forward to it. By the way, can I suggest an additional tool
for one of the next releases? I was thinking about SiLK. It may be
valuable to some intrusion analysts.


Antonios

2012/1/16 Doug Burks <doug.burks () gmail com>

Hi Antonios,

Yes, I will most likely spin a new ISO next week. I'm waiting on the new
version of Suricata to be released so I can include it.

Please let me know if you have any further questions!

Thanks,
Doug


On Monday, January 16, 2012, Antonios Atlasis <antonios.atlasis () gmail com> wrote:
Hi Doug

Are you planning to release a new ISO too? Just wondering...

Congratulations for the great work!

Antonios

2012/1/16 Doug Burks <doug.burks () gmail com>

Adrian, thanks for the plug and the great video!

I just published Security Onion 20120116 which updates Snort to 2.9.2:


http://securityonion.blogspot.com/2012/01/security-onion-20120116-now-available.html

BTW, if you're a fan of Security Onion, please vote for it for 2011
Toolsmith Tool of the Year!


http://holisticinfosec.blogspot.com/2011/12/choose-2011-toolsmith-tool-of-year.html

Thanks,
Doug Burks

On Sun, Jan 15, 2012 at 8:37 PM, Adrian Crenshaw
<irongeek () irongeek com> wrote:


Thanks to Doug Burks (he might make a good interview) for making
building a Network Security Monitoring Server much easier. I mentioned
Snort, Snorby, Barnyard, PulledPork and Daemonlogger in the title, but
there is a lot more on the distro than that. This is a nice way to get
an IDS up and running featuring pretty frontends without going into
dependency hell.



http://www.irongeek.com/i.php?page=videos/basic-setup-of-security-onion-snort-snorby-barnyard-pulledpork-daemonlogger

Adrian
--
"The ability to quote is a serviceable substitute for wit." ~ W. Somerset Maugham

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



--
Doug Burks
SANS GSE and Community Instructor
Security Onion | http://securityonion.blogspot.com
President, Greater Augusta ISSA | http://augusta.issa.org
Please vote for Security Onion for 2011 Toolsmith Tool of the Year! |
http://goo.gl/PwTDi



--
=================================
Antonios Atlasis, PhD, MPhil
GIAC GREM, GPEN, GWAPT, CCIH, GCIA

