Comments on: Snorby Spsa http://bailey.st/blog Useful bits of information in an uncertain world. Sat, 21 Jan 2012 01:33:57 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Saeed http://bailey.st/blog/snorby-spsa/#comment-7998 Saeed Sat, 07 Jan 2012 12:50:03 +0000 http://blog.bailey.st/?page_id=4#comment-7998 Hi, How can i install this .iso file on a Hyper-V machine, I am going to trying installing but in the manual mentioned this .iso file is only for physical machine not VM. I just tried on a Vmachine but after rebooting it asks for IP address. So can anybody tell me how do i resolve this issue? Regards, Saeed Hi,

How can i install this .iso file on a Hyper-V machine, I am going to trying installing but in the manual mentioned this .iso file is only for physical machine not VM.

I just tried on a Vmachine but after rebooting it asks for IP address.

So can anybody tell me how do i resolve this issue?

Regards,

Saeed

]]> By: Saeed http://bailey.st/blog/snorby-spsa/#comment-7914 Saeed Thu, 05 Jan 2012 05:27:35 +0000 http://blog.bailey.st/?page_id=4#comment-7914 Hi Guys, Thanks for the very wonderful tool. I would like to ask if we compare this IDS with any hardware based solution so what is the difference between them? Is this tool beneficial for us to configure on our network? Regards, Saeed Hi Guys,

Thanks for the very wonderful tool.

I would like to ask if we compare this IDS with any hardware based solution so what is the difference between them?

Is this tool beneficial for us to configure on our network?

Regards,

Saeed

]]> By: Marios http://bailey.st/blog/snorby-spsa/#comment-7635 Marios Fri, 30 Dec 2011 18:10:10 +0000 http://blog.bailey.st/?page_id=4#comment-7635 Hi Philip, Many thanks and congratulations for the SmoothSec project. I am currently using SmoothSec 1.3 version and I was wondering whether a newer version will be available. Regards, Marios Hi Philip,

Many thanks and congratulations for the SmoothSec project. I am currently using SmoothSec 1.3 version and I was wondering whether a newer version will be available.

Regards,
Marios

]]> By: Abraham http://bailey.st/blog/snorby-spsa/#comment-4962 Abraham Mon, 24 Oct 2011 23:30:24 +0000 http://blog.bailey.st/?page_id=4#comment-4962 Hi Philip, Please, how can I switch from console to gui? I have used "startx" and "sudo startx" but is not working. Thank you. Hi Philip,
Please, how can I switch from console to gui?
I have used “startx” and “sudo startx” but is not working.
Thank you.

]]> By: pbailey http://bailey.st/blog/snorby-spsa/#comment-4634 pbailey Thu, 13 Oct 2011 12:38:52 +0000 http://blog.bailey.st/?page_id=4#comment-4634 Hello, Snorby-SPSA is not longer developed, I've moved to another project called smooth-sec http://bailey.st/blog/smooth-sec . Stay in touch. Phillip Hello,
Snorby-SPSA is not longer developed, I’ve moved to another project called smooth-sec
http://bailey.st/blog/smooth-sec . Stay in touch.

Phillip

]]> By: Da Beave http://bailey.st/blog/snorby-spsa/#comment-4588 Da Beave Tue, 11 Oct 2011 23:58:26 +0000 http://blog.bailey.st/?page_id=4#comment-4588 Let me know if you need any help with Sagan in Snorby-SPSA. It's pretty straight forward, but you can always catch me on freenode #sagan or via e-mail :) Let me know if you need any help with Sagan in Snorby-SPSA. It’s pretty straight forward, but you can always catch me on freenode #sagan or via e-mail :)

]]> By: morgan http://bailey.st/blog/snorby-spsa/#comment-4142 morgan Fri, 23 Sep 2011 14:30:10 +0000 http://blog.bailey.st/?page_id=4#comment-4142 If you have idiotically locked yourself out by changing the password and not noting it down - how can I reset the snorby password via command line? Hello, If you are using Smooth-Sec you can run this script /root/script.utils/CleanAllEvents.sh , be careful that this will erase all your events but will also reset the login credentials. Best. If you have idiotically locked yourself out by changing the password and not noting it down – how can I reset the snorby password via command line?

Hello,
If you are using Smooth-Sec you can run this script /root/script.utils/CleanAllEvents.sh , be careful that
this will erase all your events but will also reset the login credentials.

Best.

]]> By: pbailey http://bailey.st/blog/snorby-spsa/#comment-3429 pbailey Sat, 06 Aug 2011 15:37:07 +0000 http://blog.bailey.st/?page_id=4#comment-3429 @TomAng Hi tom, thanks for your comment. 1) Snorby Spsa was the first ready to go intrusion detection distribution based on Snorby (first generation) and Snort. Smooth-Sec a new distribution equipped with suricata IDS and Snorby 2.0. Suricata is a new multithread IDS/IPS engine, this mean that if you have a multi-core monster machine allow you to use all the cores available. 2) If you want to use snort I recommend you to use directly InstaSnorby http://snorby.org/ - I don't recommend you to upgrade Snorby-Spsa. 3) If you want to use snort I recommend you to use directly InstaSnorby http://snorby.org/ Thanks again for you feedback. Phillip @TomAng

Hi tom,

thanks for your comment.

1) Snorby Spsa was the first ready to go intrusion detection distribution based on Snorby (first generation) and Snort. Smooth-Sec a new distribution equipped with suricata IDS and Snorby 2.0. Suricata is a new multithread IDS/IPS engine, this mean that if you have a multi-core monster machine allow you to use all the cores available.

2) If you want to use snort I recommend you to use directly InstaSnorby http://snorby.org/ – I don’t recommend you to upgrade Snorby-Spsa.

3) If you want to use snort I recommend you to use directly InstaSnorby http://snorby.org/

Thanks again for you feedback.

Phillip

]]> By: TomAng http://bailey.st/blog/snorby-spsa/#comment-3424 TomAng Sat, 06 Aug 2011 09:09:54 +0000 http://blog.bailey.st/?page_id=4#comment-3424 Hi Phillip, I got few questions : 1. what's the difference between Snorby Spsa and SmoothSec ? 2. any steps how update Snorby on both distro ? 3. as Spsa is quite old, any steps how to install and configure Snort on SmoothSec ? Regards, Tom Hi Phillip,

I got few questions :
1. what’s the difference between Snorby Spsa and SmoothSec ?
2. any steps how update Snorby on both distro ?
3. as Spsa is quite old, any steps how to install and configure Snort on SmoothSec ?

Regards,
Tom

]]> By: Ivan http://bailey.st/blog/snorby-spsa/#comment-1759 Ivan Thu, 21 Apr 2011 13:43:12 +0000 http://blog.bailey.st/?page_id=4#comment-1759 Many thank's. These are the tools i've been looking for!! @ivan Hello, Please check our latest project http://bailey.st/blog/smooth-sec/ regards, phillip Many thank’s. These are the tools i’ve been looking for!!

@ivan
Hello,
Please check our latest project http://bailey.st/blog/smooth-sec/
regards,
phillip

]]>