Snort mailing list archives

Re: Snort on iPhone


From: Hui Cao <hcao () sourcefire com>
Date: Wed, 30 Oct 2013 15:52:25 -0400

You need to overcome several issues to get Snort onto the iPhone.

1) Get libpcap working on the iPhone. iOS might not allow you to inspect all packets.
2) Compile Snort on the iPhone: gcc and other components.
3) Power consumption can be huge if you leave Snort running.

This is an interesting project.
Best,
Hui.

On Thu, Oct 17, 2013 at 1:05 PM, Miso Patel <miso.patel () gmail com> wrote:
Some of my engineers are asking ... what is the best way to put Snort on the
iPhone?  They really want to know about IPS mode so they can block specific
network traffic to Apple, arbitrary "apps", etc.  Privacy is a big concern
here now, especially now that we know that the United States NSA is
monitoring and recording most of what we do (hi, US NSA :P).

I thought I'd ask here first before asking around about other tools to do
this such as Suricata.

The challenge, as I understand it, is to get it to compile on the
architecture.  Since the iPhone is a computer (although with not as common
an architecture as most PCs, servers, etc.), it should be possible.  Does
anyone have a good tutorial?  If there isn't a Snort IPS app (I didn't see
it in the App Store), I suppose you will have to jailbreak the phone and
install gcc etc. to compile but there could be considerations since the
architecture isn't a normal PC.

TFAT(F)H.

-Miso, CISO

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
