I recently tried installing Snort on a Debian system (apt-get install snort), and during installation the associated service couldn’t start, which led to a dpkg error.
Week 2 was about an early development phase, where I just installed the necessary software and played around to see what possibilities I have.
The plan was to:
– install Snort with a front-end interface and start playing with it to see what I can do. You can read a detailed walkthrough here. It took much longer than I expected, because of the lack of proper documentation related to the acidbase software and things simply not working. This turned out to be a total waste of time, because it was too much of a hassle and I didn’t accomplish anything.
– install ready-made solutions that can provide inspiration for my development phase or stop me from reinventing the wheel, thus saving time. It turned out that there are a few really interesting open-source projects that can be of use. The projects below resemble my idea, but not entirely:
- EasyIDS – http://sourceforge.net/projects/easyids/files/
- SmoothSec – http://sourceforge.net/projects/smoothsec/
- Network Security Toolkit – http://sourceforge.net/projects/nst/
- OSSIM – http://www.alienvault.com/open-threat-exchange/projects
– set up a test environment with a server/PC running Snort and a front-end solution, a hub and some machines that can generate traffic. I can get the traffic needed from another class that has a networking project running. Initially, I wanted to use a pfSense-powered machine that can mirror traffic from the network to me. I ran into more problems than I expected, but you can read about it here.
This is part of a series of blog posts that serve as my weekly log for my professional special subject project. It has documentation purposes and it is a nice way to present your work to the teachers. For further information about my work and what I’ve learned and done, follow the inbound/outbound links within these posts.
I needed to install Snort and a nice GUI for it for one of my projects. I used a virtual machine running Debian 7. I followed some tutorials, but none of them helped me install everything successfully. I ran into some weird errors, but I managed to fix them.
Basically, the software needed to have a nice front-end for the IDS of choice (Snort) is:
– apache2 (webserver), php5 (main backend programming language), mysql (databases), phpmyadmin (GUI for databases)
– snort (what good is a front-end if we don’t have a backend), ACID, BASE (Basic Analysis and Security Engine)
I hang out a lot at a school laboratory, called the Health Games Lab, where there are a lot of networking devices, servers, cables and anything you can imagine for a technical school. I talked with some people from the school and I’m responsible for all the devices in here in terms of inventory, organizing, labeling and everything related to it.
This was done before, but all the work from then was lost and I have to redo it. The software of choice, suggested by a teacher, is OpenBiblio. OpenBiblio is an open-source automated library system written in PHP.
I was pretty amazed when I found that there are country-based communities that use OpenBiblio.
As part of my current education, I have to specialise and gain more knowledge in my AP degree field, which is IT Networking with everything related – IT security, Python programming, PHP programming, Linux etc.
My subject is – Network monitoring solution for small/medium size companies.
Reason for choosing – an increase in hack attempts targeted at small/medium size company networks all over the world (see links below)
Fields and sub-fields – IT security, IT Networking, IDS/IPS, open-source security tools
Since we started our database courses (last semester), the teacher introduced us to XAMPP or LAMPP (if on Linux) – it is an Apache distribution that contains MySQL, PHP, Perl and an FTP server (proftpd). It’s intended to be easy to install and use and it’s good for developers.
I’m currently running a dual boot of Ubuntu 12.04 and Windows 7, but I only use Windows for gaming purposes. Since I got in touch with Linux (almost a year ago) I have wanted something automated that would install everything I want, tweak stuff, disable stuff.
Yesterday I remembered that I wanted this and I started on some scripts. One of my teachers said that, and I quote, “bash-scripting is for masochists” and I kinda agree, but I wanted to use a Linux standard tool for this.