| 1 |
Joey McCoy said: |
| 2 |
> I just started using oinkmaster and popped it in a weekly cron as well, |
| 3 |
> but running as root. So far no problems. What permission problems were you |
| 4 |
> having? |
| 5 |
> |
| 6 |
> So far, oinkmaster is working terrifically. I would recommend setting it |
| 7 |
> up. :) |
| 8 |
|
| 9 |
I'm curious about this, I don't have any IDS on my home server, and want |
| 10 |
to start running Snort, but the time to learn the rule creation is what |
| 11 |
has kept me away. |
| 12 |
|
| 13 |
To test it out, I set it up on my workstation at work. I emerged snort, |
| 14 |
then emerged oinkmaster. Ran oinkmaster to dnld the latest ruleset, then |
| 15 |
ran Snort, telling it to use the new rules I just dnld'd. It seemed to |
| 16 |
run fine, and I had it report to the console so I could monitor it. Is |
| 17 |
this all I need to do for "basic" functionality? I want to get into it |
| 18 |
more, but will need to allow for Web/Jabber/IMAP-ssl traffic on my |
| 19 |
homeserver, would I use Oinkmaster to tell Snort to allow those or ? If |
| 20 |
it's not much harder than that to get started, I should set this up |
| 21 |
tomorrow. Any input would be appreciated. |
| 22 |
|
| 23 |
Thanks. |
| 24 |
|
| 25 |
P |
| 26 |
-- |
| 27 |
http://lefttochance.com/ |
| 28 |
|
| 29 |
-- |
| 30 |
gentoo-security@g.o mailing list |
Archives