1 comment:
Hi Eric,
Xfiltr8 looks interesting! A few questions:
Is there a README somewhere that I'm missing?
I see that the LiveCD has Snort, BASE, and some Emerging Threats rules. Have you considered using Sguil instead of BASE? The NSMnow installer (http://www.securixlive.com/nsmnow/) can install Sguil and all its dependencies quickly and easily. It also downloads and compiles the latest version of Snort automatically. I'm using NSMnow in my Security Onion LiveCD.
I see some Perl scripts in /usr/local/bin/ that appear to be for Squid reporting, but I can't seem to find the Squid service itself. What am I missing?
Keep up the good work!
Thanks,
Doug Burks
http://securityonion.blogspot.com/
http://twitter.com/dougburks