[Pauldotcom] Basic Setup of Security-Onion: Snort, Snorby, Barnyard, PulledPork, Daemonlogger

Antonios Atlasis antonios.atlasis at gmail.com
Wed Jan 18 14:32:29 UTC 2012


I'm using it mainly for traffic analysis of network flow data. I'll try the
tools that you are suggesting though.

Thanks for your reply and your interest.

Antonios

2012/1/17 Doug Burks <doug.burks at gmail.com>

> Hi Antonios,
>
> What exactly do you use SiLK for?  You may be able to find the session
> data you're looking for in other tools that already exist in Security
> Onion such as SANCP, Argus, and Bro.
>
> Thanks,
> Doug
>
> On Mon, Jan 16, 2012 at 2:24 PM, Antonios Atlasis
> <antonios.atlasis at gmail.com> wrote:
> > Thanks a lot for your reply, Doug,
> >
> > I am looking forward to it. By the way, can I suggest an additional tool for
> > one of the next releases? I was thinking about SiLK. It may be valuable to
> > some intrusion analysts
> >
> >
> > Antonios
> >
> > 2012/1/16 Doug Burks <doug.burks at gmail.com>
> >>
> >> Hi Antonios,
> >>
> >> Yes, I will most likely spin a new ISO next week. I'm waiting on the new
> >> version of Suricata to be released so I can include it.
> >>
> >> Please let me know if you have any further questions!
> >>
> >> Thanks,
> >> Doug
> >>
> >>
> >> On Monday, January 16, 2012, Antonios Atlasis <antonios.atlasis at gmail.com>
> >> wrote:
> >> > Hi Doug,
> >> >
> >> > Are you planning to release a new ISO too? Just wondering...
> >> >
> >> > Congratulations on the great work!
> >> >
> >> > Antonios
> >> >
> >> > 2012/1/16 Doug Burks <doug.burks at gmail.com>
> >> >>
> >> >> Adrian, thanks for the plug and the great video!
> >> >>
> >> >> I just published Security Onion 20120116 which updates Snort to 2.9.2:
> >> >>
> >> >> http://securityonion.blogspot.com/2012/01/security-onion-20120116-now-available.html
> >> >>
> >> >> BTW, if you're a fan of Security Onion, please vote for it for 2011
> >> >> Toolsmith Tool of the Year!
> >> >>
> >> >> http://holisticinfosec.blogspot.com/2011/12/choose-2011-toolsmith-tool-of-year.html
> >> >>
> >> >> Thanks,
> >> >> Doug Burks
> >> >>
> >> >> On Sun, Jan 15, 2012 at 8:37 PM, Adrian Crenshaw
> >> >> <irongeek at irongeek.com> wrote:
> >> >> >
> >> >> >
> >> >> > Thanks to Doug Burks (he might make a good interview) for making building a
> >> >> > Network Security Monitoring Server much easier. I mentioned Snort, Snorby,
> >> >> > Barnyard, PulledPork and Daemonlogger in the title, but there is a lot more
> >> >> > on the distro than that. This is a nice way to get an IDS up and running
> >> >> > featuring pretty frontends without going into dependency hell.
> >> >> >
> >> >> > http://www.irongeek.com/i.php?page=videos/basic-setup-of-security-onion-snort-snorby-barnyard-pulledpork-daemonlogger
> >> >> >
> >> >> > Adrian
> >> >> > --
> >> >> > "The ability to quote is a serviceable substitute for wit." ~ W. Somerset Maugham
> >> >> >
> >> >> > _______________________________________________
> >> >> > Pauldotcom mailing list
> >> >> > Pauldotcom at mail.pauldotcom.com
> >> >> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> >> >> > Main Web Site: http://pauldotcom.com
> >> >>
> >> >>
> >> >>
> >> >> --
> >> >> Doug Burks
> >> >> SANS GSE and Community Instructor
> >> >> Security Onion | http://securityonion.blogspot.com
> >> >> President, Greater Augusta ISSA | http://augusta.issa.org
> >> >> Please vote for Security Onion for 2011 Toolsmith Tool of the Year! |
> >> >> http://goo.gl/PwTDi
> >> >
> >> >
> >> >
> >> > --
> >> > =================================
> >> > Antonios Atlasis, PhD, MPhil
> >> > GIAC GREM, GPEN, GWAPT, CCIH, GCIA
> >> >
> >>
> >> --
> >> Doug Burks
> >> SANS GSE and Community Instructor
> >> Security Onion | http://securityonion.blogspot.com
> >> President, Greater Augusta ISSA | http://augusta.issa.org
> >> Please vote for Security Onion for 2011 Toolsmith Tool of the Year! |
> >> http://goo.gl/PwTDi
> >>
> >>
> >
> >
> >
> >
> > --
> > =================================
> > Antonios Atlasis, PhD, MPhil
> > GIAC GREM, GPEN, GWAPT, CCIH, GCIA
> >
>
>
>
> --
> Doug Burks
> SANS GSE and Community Instructor
> Security Onion | http://securityonion.blogspot.com
> President, Greater Augusta ISSA | http://augusta.issa.org
> Please vote for Security Onion for 2011 Toolsmith Tool of the Year! |
> http://goo.gl/PwTDi
>



-- 
=================================
Antonios Atlasis, PhD, MPhil
GIAC GREM, GPEN, GWAPT, CCIH, GCIA