snort-inline on Ubuntu Server
Ian Latter
ian.latter at midnightcode.org
Sun Sep 16 07:06:34 BST 2007
Hello,
I've been running Ubuntu Desktop for some time now
(almost two years, I'd say). So I felt it was time to look
at the server build. I was impressed with the tight
default install on a test Ubuntu 7.04 server that I built
recently, and was hoping to make something serious of
it (having been an avid RedHat server fan and builder).
I've come to this list as referred by the advice here;
http://www.ubuntu.com/community/reportproblem
The snort project has integrated the snort-inline
patches meaning that, when snort is compiled with the
right options, it will pop out a "snort-inline" binary
which can inter-operate with iptables, via ip_queue,
and act as an Intrusion Prevention Service (not just an
Intrusion Detection Service).
The details can be found here;
http://www.snort.org/docs/snort_htmanuals/htmanual_2.4/node7.html
Including build info - i.e.;
./configure --enable-inline
make
make install
I've been back through the ubuntu-devel archives
up to January 2007, and can't see any discussion on
snort (as a subject reference) at all. Could the
default snort package be updated to include
snort-inline? Was there a reason why it wasn't
compiled that way for today's version of this package?
I'm running Ubuntu Server 7.04;
Linux localhost 2.6.20-15-generic #2 SMP Sun Apr 15 06:17:24 UTC 2007 x86_64 GNU/Linux
With snort ala repo (apt-get install snort);
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name                Version        Description
+++-===================-==============-============================================
ii  snort               2.3.3-9        Flexible Network Intrusion Detection System
ii  snort-common        2.3.3-9        Flexible Network Intrusion Detection System
un  snort-doc           <none>         (no description available)
un  snort-mysql         <none>         (no description available)
un  snort-pgsql         <none>         (no description available)
un  snort-rules         <none>         (no description available)
ii  snort-rules-default 2.3.3-9        Flexible Network Intrusion Detection System
Thanks for your time,
--
Ian Latter
Late night coder ..
http://midnightcode.org/