Saturday, April 01, 2006

OpenIDS

BASE - Basic Analysis and Security Engine gains popularities among Open Source Community. I think it is because of it's predecessor - ACID and the ease of installation. However when I try to look for any Installation Guide of BASE on OpenBSD, I can't find a good one. Until I accidentally hit this URL due to it's project name with Open as prefix - http://www.prowling.nu. It is the main site for OpenIDS project where it is mainly based on OpenBSD and BASE.

I don't think I will change my mind to use BASE instead of Sguil, however OpenIDS is worth mentionning here since it eases the installation and management of IDS. As well it may help people who have hard time to install BASE on OpenBSD. By the way, no harm trying .....

Other features that caught my eyes would be pfw/hatchet(PF Web Console) and Snortalog are integrated into OpenIDS as well. If anyone interested in trying out OpenIDS, just download it from the mirror link in the download page.

Keep up the good work :]

P/S: I would prefer if anyone write a generic Base Installation Guide on OpenBSD or anyone can point me to one if there's any.

2 comments:

Anonymous said...

aha.. I manage to have BASE installed on my openbsd3.7 after a lot of tries. Quite a hassle for the first timer but Sguil make more hassle even for the pros. Hopefully i just can: pkg_add sguil-yada_yada.tgz when openbsd 3.10 release by the end of this year. ;-)

Anonymous said...

Take a look at the latest release of OpenIDS (1.9), I has really become more of a "NSM" dist then just a IDS one.

/Lurk