Posts Tagged ‘IDS’

My Next Question: Ubuntu or CentOS?

January 5th, 2010 Adam Tucker

I’m trying to decide which OS will be better for my media server.  I have little experience with CentOS or any Red Hat-based Linux system.  I have a few questions:

  1. Is it well supported like Ubuntu?
  2. Is it more security-oriented?
  3. Which one runs web services better?

I have an IDS running on CentOS right now that I enjoy working on, except for the different file placement.  So I’m off to research CentOS further, and if you have any thoughts, let me know.

Categories: Linux

Building an IDS

August 3rd, 2009 Adam Tucker

I recently took on the task of rebuilding my IDS for my home network.  In the past I have used EasyIDS, which is a web-based Snort, BASE, and NTOP package pre-built on a CentOS Linux distro.  EasyIDS is a great product and I recommend it to any small business or home network user.  The time came, though, when I needed to consolidate all of my intrusion software onto one machine, and so I decided to compile all of the programs myself.

I decided to use the following programs in my IDS:

Snort

BASE

IPAudit

OSSEC (server)

I’m not going to do a walk-through of the installation process.  The Snort web site has a fairly good installation PDF for a Debian-based system HERE.  For the OS I used Ubuntu 8.04.3 LTS Server Edition.  You’ll have to make some changes since this document is a few years old.  I had to change the snort.log filenames to snort.unified, I used the documentation from Ubuntu on turning on Apache SSL, and I looked for the newest version of the dependencies needed.

If you decide to build your own IDS, I can’t stress enough the word DEPENDENCIES.  Dependencies were my biggest problem and increased the install time to ridiculous levels, but that was user error.  If you take the time to read the documentation for the above programs, installation will be much smoother.  A bit of a warning, though: installing all of these programs is lengthy.  I installed Snort and BASE in one session (4 hours) and the others in another session.

Successfully installing these programs and watching them work is such a reward.  Not only did I learn how Snort and BASE work and work together, I now understand a little bit more about Linux itself.