Topic: Intrusion Detection

[Jehu]

Is there an Intrusion Detection monitor that works with e-smith 5.1.2.  That can let me know if anyone is trying to hack my system. One that has a graphicial interface.

Thanks,
Jehu.

[kenshin]

I'm currently working on an RPM of psionic's portsentry for SME 5.1.2

[Kevin McClain]

Great! let us know when you are finished.
I would be happy to help test it for you.

[Wietse]

I am interested too! Please post a reply here as soon as you have more info!!! Thanks in advance!

[Bruce]

I am interested too! Please post a reply here as soon as you have more info!!! Thanks in advance!

[Sassou Efoe Boris]

I'm working a version of Demarc Pure Secure for SME/E-SMITH (http://www.demarc.org)

There is an alpha version available at ftp://ftp.speedfactor.ath.cx/demarc

If you could send me some feed back i would be please.
(Sorry for my english , i'm french)

[Dean Mumby]

This really looks cool (demarc) I will download and install tonight on a test server , will report back asap. I think this is really worth a look , a whole centralized monitoring system.

Dean

[kenshin]

Well I got the RPM I made to install... and it works.. I'll put it on a site and give you guys the link tonight...
I'll have the ServerManager mod done by tomorrow...

As for Demarc... it looks cool, but you need to install libpcap, SNORT and add more perl modules...

Too much of a headache for nothing.

[Dean Mumby]

Hi Kenshin

I will also gives yours a shot .. no point putting all our eggs in one basket..

I look forward to your contrib

Regards
Dean

[Confucius]

Kenshin,

Can you mail me your link for the RPM you made... love to see your work at my work

TIA,

Harro

[Jehu]

Hey kenshin can you help me with the install. I installed it but don't know how to login. I get to the last login and I get access denied. I don't know how to create the account to access this.  The documentations at the website does not go into details.  It is hard for a newbie like me to understand.
Please help.
Thanks,
Jehu.

[kenshin]

Hey guys, I got the How To at http://www.netfrost.com/kenshin
A friend of mine is hosting it for now...
This is just the first release, so be gentle...

I'll have an other release with more configurability and with more ServerManager functions out in a few days.

Kenshin Out.

[Craig]

Just adding my name to the list of people interested in this project. Please post any updated information as available.

Will download and try what you have so far.

Regards
Craig

[Jehu]

I think I have done everything and I cannot log into https://myserver/demarc, no matter what username and password I use.
Also when I try to run demarcd -I and it ask for the name of this sensor. What name should I use, I get an error at the end when this is finish. Tried to use different names but it does not work.
Issuing: /usr/sbin//snort -q -c /usr/local/demarc/conf/snortppp0.conf -i ppp0
database: mysql_error: Access denied for user: 'admin@localhost' (Using password: YES)
Fatal Error, Quitting..
snort: no process killed.
Please can someone help.
Thanks,
Jehu.

[Sassou Efoe Boris]

Hi !
Have you read all the how-to (sorry for my poor english) ?
You seems to have a database problem , and snort problem
I've not enough information but i suggest you to read the documentation on the Demarc site : http://demarc.com/documentation/demarc-install.html

I hope it will help you

Greetings
Boris