FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 02-11-2012, 04:52 PM
Ioannis Vranos
 
Default Graphical "intrusion detection systems" and "intrusion prevention systems"

I have been reading a book about Linux administration, and it is
mentioning network security tools like Snort.

However this is complex stuff. Do you know any simple, with GUI front
end, "intrusion detection systems" (IDS), and "intrusion prevention
systems" (IPS)?


--
Ioannis Vranos

http://cppsoftware.binhoster.com

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 02-11-2012, 05:21 PM
Jacob Mansfield
 
Default Graphical "intrusion detection systems" and "intrusion prevention systems"

On 11 Feb 2012, at 17:52, Ioannis Vranos wrote:I have been reading a book about Linux administration, and it is
mentioning network security tools like Snort.

However this is complex stuff. Do you know any simple, with GUI front
end, "intrusion detection systems" (IDS), and "intrusion prevention
systems" (IPS)?

IDS and IPS are more to do with physical security, eg. door locks and motion sensors






Jacob Mansfield*/*Lead Developer

Blue Sapphire Media

email:**Jacob@bluesapphiremedia.co.uk

skype:**jacob.mansfield*











--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 02-11-2012, 05:26 PM
Ioannis Vranos
 
Default Graphical "intrusion detection systems" and "intrusion prevention systems"

On Sat, Feb 11, 2012 at 8:21 PM, Jacob Mansfield <cyberjacob@gmail.com> wrote:
>
> On 11 Feb 2012, at 17:52, Ioannis Vranos wrote:
>
> I have been reading a book about Linux administration, and it is
> mentioning network security tools like Snort.
>
> However this is complex stuff. Do you know any simple, with GUI front
> end, "intrusion detection systems" (IDS), and "intrusion prevention
> systems" (IPS)?
>
>
> IDS and IPS are more to do with physical security, eg. door locks and motion sensors

This is what the book is mentioning:

"Snort

An intrusion detection system (IDS) provides a way to promiscuously
monitor a point in
the network and report on questionable activity seen based on packet
traces. The Snort
program (www.snort.org) is an open source IDS and intrusion prevention
system (IPS)
that provides extensive rule sets that are frequently updated with new
attack vectors.
Any questionable activity can be sent to a logging host, and several
open source log-
processing tools are available to help make sense of the information
gathered (e.g., the
Basic Analysis and Security Engine, or BASE).
Running Snort on a Linux system that is located at a key entry/exit
point in your
network is a great way to track the activity without having to set up
a proxy for each
protocol that you wish to support. A commercial version of Snort
called SourceFire is
also available. You can find out more about SourceFire at www.sourcefire.com".

My question is, is there any simple, GUI, thing like snort?


--
Ioannis Vranos

http://cppsoftware.binhoster.com

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 02-11-2012, 08:01 PM
Hal Burgiss
 
Default Graphical "intrusion detection systems" and "intrusion prevention systems"

On Saturday, February 11, 2012, Ioannis Vranos <ioannis.vranos@gmail.com> wrote:
> I have been reading a book about Linux administration, and it is
> mentioning network security tools like Snort.

>
> However this is complex stuff. Do you know any simple, with GUI front
> end, "intrusion detection systems" (IDS), and "intrusion prevention
> systems" (IPS)?
>
I'd look at webmin for configuration, and nagios for reporting and monitoring. Both have plugins for snort, and probably others AFAIK (I've not used either of the plugins).


--
Hal

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 02-11-2012, 08:44 PM
Ioannis Vranos
 
Default Graphical "intrusion detection systems" and "intrusion prevention systems"

On Sat, Feb 11, 2012 at 9:16 PM, compdoc <compdoc@hotrodpc.com> wrote:
>> My question is, is there any simple, GUI, thing like snort?
>
> http://tinyurl.com/7gzzepq

Thank you for your answer.

What I am looking for, is a simple application with a simple GUI,
similar in function to Snort (e.g. not having to install an SQL server
like snort needs).

Not looking for a Snort front end.


--
Ioannis Vranos

http://cppsoftware.binhoster.com

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 02-11-2012, 08:45 PM
Ioannis Vranos
 
Default Graphical "intrusion detection systems" and "intrusion prevention systems"

On Sat, Feb 11, 2012 at 11:44 PM, Ioannis Vranos
<ioannis.vranos@gmail.com> wrote:
>
> Thank you for your answer.
>
> What I am looking for, is a simple application with a simple GUI,
> similar in function to Snort (e.g. not having to install an SQL server
> like snort needs).
>
> Not looking for a Snort front end.

Something for home users, in other words.


--
Ioannis Vranos

http://cppsoftware.binhoster.com

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 02-11-2012, 11:40 PM
Koh Choon Lin
 
Default Graphical "intrusion detection systems" and "intrusion prevention systems"

Hi

> However this is complex stuff. Do you know any simple, with GUI front
> end, "intrusion detection systems" (IDS), and "intrusion prevention
> systems" (IPS)?
>
>
> IDS and IPS are more to do with physical security, eg. door locks and motion sensors

Note that snort is a software for IDS, it can detect intruders but it
cannot prevent intruders from breaking into your systems. IDS is more
of a reactive than a proactive solution.



--
Regards
Koh Choon Lin

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 02-12-2012, 07:00 PM
Ric Moore
 
Default Graphical "intrusion detection systems" and "intrusion prevention systems"

On 02/12/2012 01:59 PM, compdoc wrote:

>I'd look at webmin for configuration

In the IRC channel, the regulars there are telling people not to use
webmin now because it no longer complies with Ubuntu's configuration of
apps.

It's been a long time since I've used webmin, so I can't say one way or
the other...


This is a good thread and awakened my quest for some mild intrusion
detection scheme. I installed snort, which pulls in some other packages,
and what I am left with ~IS~ confusing to a mere "super user" who is not
a network geek whizbang. So, I feel the OP's pain here. But, I too would
like to learn. If this isn't the place to discuss it at length, maybe
the discussion could be held over on bikeshed more in-depth?? We need
some new topics there besides "Eating The Rich" recipes and "Liberals vs
Conservatives", although we are having Great Fun with them. Besides, the
sharks could use some fresh meat there.


But, the OP is correct, there is a LOT of things to consider hitting you
at once so a nice little simple GUI would be swell. Ric




--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 02-12-2012, 09:54 PM
"Joep L. Blom"
 
Default Graphical "intrusion detection systems" and "intrusion prevention systems"

On 12-02-12 21:00, Ric Moore wrote:

On 02/12/2012 01:59 PM, compdoc wrote:

>I'd look at webmin for configuration

In the IRC channel, the regulars there are telling people not to use
webmin now because it no longer complies with Ubuntu's configuration of
apps.

It's been a long time since I've used webmin, so I can't say one way or
the other...


This is a good thread and awakened my quest for some mild intrusion
detection scheme. I installed snort, which pulls in some other packages,
and what I am left with ~IS~ confusing to a mere "super user" who is not
a network geek whizbang. So, I feel the OP's pain here. But, I too would
like to learn. If this isn't the place to discuss it at length, maybe
the discussion could be held over on bikeshed more in-depth?? We need
some new topics there besides "Eating The Rich" recipes and "Liberals vs
Conservatives", although we are having Great Fun with them. Besides, the
sharks could use some fresh meat there.

But, the OP is correct, there is a LOT of things to consider hitting you
at once so a nice little simple GUI would be swell. Ric



I use webmin - the adverse advices notwithstanding - for over 6 years
with Ubuntu (now with 10.04) and it is IMHO the best administrative tool
for all Linuxes.

Joep


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 03:04 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org