Snort
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Snort-users] Has anyone got snort and acid running on RH with SELin

from [Kevin Johnson] [Permanent Link][Original]
To: "Jacob, Raymond A Jr" <raymond.jacob@navy.mil>
Subject: Re: [Snort-users] Has anyone got snort and acid running on RH with SELinux?
From: Kevin Johnson <kjohnson@secureideas.net>
Date: Fri, 1 Dec 2006 06:59:14 -0500
Cc: snort-users@lists.sourceforge.net
Delivered-to: sp-com-lists@consult.net
Delivered-to: snort-list@securepoint.com
In-reply-to: <D95A0509A7959748B5A5016CF67E003205CD7556@NAEACHRLEX01VA.nadsusea.nads.navy.mil>
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=snort-users>
List-help: <mailto:snort-users-request@lists.sourceforge.net?subject=help>
List-id: "Snort users talk about... Snort!" <snort-users.lists.sourceforge.net>
List-post: <mailto:snort-users@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/snort-users>, <mailto:snort-users-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/snort-users>, <mailto:snort-users-request@lists.sourceforge.net?subject=unsubscribe>
References: <D95A0509A7959748B5A5016CF67E003205CD7556@NAEACHRLEX01VA.nadsusea.nads.navy.mil>
Sender: snort-users-bounces@lists.sourceforge.net
On Nov 30, 2006, at 10:06 PM, Jacob, Raymond A Jr wrote:
Has anyone got snort and acid running on RH with SELinux?
I googled,checked the email archive and found no one who has had
success.


Hi-

I have not tried to do this with SELinux, but I think it should work with adjustments to your
security policy.  Do you have the log messages signifying what is being blocked?  

On a side note, if you are serious enough about security to run SELinux, you probably
don't want to run ACID, as the code hasn't been updated in years. BASE ( http://base.secureideas.net )
is the fork of that project that is actively supported.  Of course, I am a little biased. ; )

Kevin

Kevin Johnson GCIA, GCIH, CISSP, CEH
Principal Consultant
Secure Ideas

Attachment: PGP.sig
Description: This is a digitally signed message part

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Snort-users] Has anyone got snort and acid running on RH with SELinux?, Dirk Geschke
Next by Date:  Re: [Snort-users] Is there any documentation showing how to write a snort plugin?, Richard Bejtlich
Previous by Thread:  Re: [Snort-users] Has anyone got snort and acid running on RH with SELinux?, Dirk Geschke
Next by Thread:  Re: [Snort-users] Is there any documentation showing how to write a snort plugin?, Richard Bejtlich
Indexes:  [Date] [Thread] [Top] [All Lists]