InterSect Alliance - Open Source

News

Snare for Windows - Snare for Windows Version 3.1.3 is now available. This new version significantly reduces CPU load.

NISPOM and PCI - An appendix to the Snare Server User's Guide now contains guidance on how to comply with NISPOM and the PCI Data Security Standard.

Snare Server Version 4.3.1 is now available. This new version includes a single CD installation for all packages and the OS.

Stats on the agent downloads and visits to our web server are available from Statistics.

The team at InterSect Alliance has experience with auditing and intrusion detection on a wide range of platforms, such as Solaris, Windows 2000/NT/XP/2003, Novell Netware, AIX, even MVS (ACF2/RACF); and within a wide range of IT security in businesses such as National Security and Defence Agencies, Financial Service firms, Government Departments and Service Providers.

This background gives us an insight into how to effectively deploy host and network intrusion detection systems that support and enhance an organisation's business goals.

As long term users of the Linux operating system, we believe that one of the key missing features that can hold Linux back from deployment in organisations with basic security requirements is the availability of system auditing or event logging facilities.

As such, the InterSect Alliance team is trying to bring a comprehensive C2-style logging system to Linux, ideally without impacting those users who do not have a requirement for auditing and logging.

The project is called 'SNARE for Linux' (SNARE stands for System iNtrusion Analysis & Reporting Environment), and like many of our other Snare Agent tools, is available under the terms of the GNU Public License.

Snare is currently used by hundreds of thousands of individuals and organisations worldwide.

Snare for Linux is used by many large Financial, Insurance, Healthcare, Defence, AeroSpace, and Intelligence organisations to meet elements of local and federal security requirements, such as:

  ACSI 33 / PSM
  GLBA (Gramm-Leach-Bliley Act)
  Sarbanes Oxley (SOX)
  C2 / CAPP
  DCID 6/3
  DIAM 50-4
  DDS-2600-5502-87 Chapter 4
  NISPOM Chapter 8
  HIPAA
  PCIDSS
  California Senate Bill 1386/AB 1950
  USA Patriot Act
  CISP
  Danish Standard DS-484:2005
  British Standard BS7799/ISO 17799

InterSect Alliance welcome your support, comments, and contributions. Our contact details are available from our contact page.

Screen Shots: Main Window; Defining an objective; Gnome 2 GUI, and the Remote Management Server

Download

NOTE: Snare 0.9.8 has now been released, and we have started the process of building easy-to-install binary kernel RPMs for some of the key distributions. If you're interested in helping out, and know your way around your distribution's kernel, please let us know!

Redhat Enterprise Linux 4 (Version 0.9.8)

  Kernel: Install one of the following kernels using 'rpm -ivh':
    Uniprocessor, x86
    Uniprocessor, x86 with more than 8Gb RAM
    Multiprocessor Systems, x86
  Audit Daemon: Install one of the following snare-core packages using 'rpm -Uvh':
    Snare-Core
  Source Files: The following files are optional, and are only required if you wish to rebuild Snare, or need to install custom kernel modules/drivers:
    Patch file for 2.6.9-34
    Kernel SPEC file for 2.6.9-34
    Kernel-devel package (uniprocessor, x86)
    Kernel-devel package (uniprocessor, x86 with more than 8Gb RAM)
    Kernel-devel package (multiprocessor, x86)

Redhat Enterprise Linux 3 (Version 0.9.8)

  Kernel: Install one of the following kernels using 'rpm -ivh':
    Uniprocessor, x86
    Uniprocessor, x86 with more than 8Gb RAM
    Multiprocessor Systems, x86
  Audit Daemon: Install one of the following snare-core packages using 'rpm -Uvh':
    Snare-Core
  Source Files: The following files are optional, and are only required if you wish to rebuild Snare, or need to install custom kernel modules/drivers:
    Patch file for 2.4.21-40

Fedora Core 2 (Version 0.9.8)

  Kernel: Install one of the following kernels using 'rpm -ivh':
    Uniprocessor, x86
    Multiprocessor Systems, x86
  Audit Daemon: Install one of the following snare-core packages using 'rpm -Uvh':
    Snare-Core
  Source Files: The following files are optional, and are only required if you wish to rebuild Snare, or need to install custom kernel modules/drivers:
    Patch file for 2.6.10-2.3_legacy_FC2

Redhat 9 (Version 0.9.8)

  Kernel: Install one of the following kernels using 'rpm -ivh':
    Uniprocessor, x86
    Uniprocessor, x86 with more than 8Gb RAM
    Multiprocessor Systems, x86
  Audit Daemon: Install one of the following snare-core packages using 'rpm -Uvh':
    Snare-Core
  Source Files: The following files are optional, and are only required if you wish to rebuild Snare, or need to install custom kernel modules/drivers:
    Patch file for 2.4.20-46

Fedora Core 3 (Version 0.9.7)

  Kernel: Binary kernel RPMs are available from Jonathan Abbey's UTexas site.
  Audit Daemon: snare-core-0.9.7-1.i386.rpm, available from UTexas.

Debian Sarge (Version 0.9.7)

  Kernel: Debian Sarge kernel patch, and binary kernel packages, are available from Eric's site. Note that the Debian patch file will apply to most modern 2.4-based kernels.
    2.6.12 kernel patch
    Thanks to Alec Dawson and Eric Meyers, from Pratt and Whitney Rocketdyne, and Eric Malkowski for their contributions.
  Audit Daemon: snare-core-0.9.7 daemon
  Audit GUI: GUI for 0.9.7 not available at this time. We recommend using the micro-web server embedded in the snare audit daemon.

Ubuntu (Version 0.9.7)

  Kernel: Ubuntu 5.10 (Breezy) kernel packages are available from the web site of Doug Henry.
  Audit Daemon: snare-core-0.9.7-1 daemon

Source

Source Code

  Kernel:
    Version 0.9.7 patch against linux-2.6.11.7 (Thanks to Mike Fecina @ PSU)
    Version 0.9.6 patch against SuSE 9.1 - 2.4.21 (Thanks to Fred Beck @ NGC)
    Instructions for getting SuSE 9.1 and SNARE to play nicely together have been provided by Clif Flynt of Noumena Corp.
    Click here for more information.
  Audit Daemon:
    snare-core-0.9.8.tar.gz
    snare-core-0.9.8-1.src.rpm

Older versions of Snare are available from our Download Archive section. More information on these files is available from our old snare page.

Like to keep up to date with Snare releases? Sourceforge offer an email notification service that will send you an email each time we release a new version of Snare. Click here to set this up.

Details

SNARE is divided into three key components:

The Kernel changes

In order to collect event log data, Snare needs to add auditing support into the operating system. You can choose to either install a binary version of the kernel, with Snare already integrated, or you can apply a 'patch' to your kernel source.

Although we try hard to make Snare as easy to install as possible, there are hundreds of different distributions and kernel versions, and it would be an immense task to build Snare for each variant. We are hoping that recent efforts towards creating a native auditing subsystem for Linux will soon mean that the kernel component of the Snare for Linux agent will no longer be required.

The Snare Audit Daemon

The Snare audit daemon acts as an interface between the Linux kernel and the security administrator.
It allows you to turn on events, filter the output, and potentially push audit log information back to a central location for collection, analysis and archival.

The Snare Micro-Web Server

The Snare Micro-Web Server is embedded in the audit daemon, and provides a very simple configuration capability that can be managed from your web browser.

To enable the micro-web server, please add the following to your /etc/audit/snare.conf file, and restart snare (/etc/init.d/snare restart):

    [Remote]
    allow=1
    listen_port=6161

We recommend that you configure a password for the remote control capability the first time you connect.

The Sourceforge development website shows support for the open source development community by providing SNARE with a home away from home, and Snare support forums.

Jonathan Abbey, of Applied Research Laboratories, University of Texas, Austin has been working hard on optimising the Snare audit daemon, and has succeeded in an order-of-magnitude speedup in audit objective matching and reporting. Jonathan's changes will be making an appearance in Snare 0.9.6. The University of Texas also greatly assist the Snare project by building and distributing binary kernel RPMs for key Redhat systems.

Aaron Laffin, of Silicon Graphics Inc. has integrated Snare into the SGI Altix series of products, and in doing so, has provided a series of additions to the Snare Kernel that have contributed significantly to performance and stability.

Eric Malkowski has contributed some great work coming up with the changes required to get Snare working on Debian Sarge, including creating kernel patches, binaries for the audit daemon, and the creation of kernel binary packages.

Mark Westerman of Westcam, Inc has been doing some great things with the in-kernel components of Snare, adding the code to make better use of kernel memory, and ferreting out SMP problems, amongst other significant improvements.

Documentation

Documentation on SNARE is incorporated within the packages above, and is also available from our Resources page.

If you would like to utilise the Snare PATCH file for development purposes, or to build your own kernel, basic instructions are available here.

Having trouble building third party modules (such as video drivers) with Snare? Try installing the kernel-devel RPM from your Redhat/Fedora CDs (Thanks to Bill Gressett of Lockheed).

Jonathan Abbey has written some fantastic guidelines on how to build a Redhat kernel that includes Snare: Redhat Kernel building instructions

InterSect provides commercial Snare Agent support for our Snare Server customers, but we're always happy to help out via the Snare Sourceforge Forum.

Snare Server

The Snare Server builds on the success of our Open Source audit & event log agents. When used in combination, our Snare agents and Server provide a robust and effective resource for event log management.

Snare Server Snort Report

This link will take you to a small report exported from our Snare Server, that shows attacks against our website.

Copyright (c) 1999-2008 InterSect Alliance Pty Ltd
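
As an added example (not part of the original page or of InterSect Alliance's tooling), the shell function below checks a snare.conf-style file for the [Remote] settings shown in the micro-web server section above and reports whether remote control is enabled and on which port, which helps when auditing which hosts expose the management interface. It assumes an INI-like layout with one key=value pair per line and '#' or ';' comment lines; the function name and the sample file are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit a snare.conf-style file for the remote-control
# (micro-web server) settings, using only the [Remote] keys shown on the page.
# Assumption: INI-like layout, one key=value per line, '#' or ';' comments.

snare_remote_status() {
    # $1 = path to the config file.
    # Prints "enabled:<port>", "enabled:unknown-port" or "disabled".
    awk '
        /^[ \t]*[#;]/ { next }                 # skip comment lines
        /^[ \t]*\[/ {                          # section header, e.g. [Remote]
            sec = tolower($0)
            sub(/^[ \t]*\[/, "", sec)
            sub(/\].*$/, "", sec)
            gsub(/[ \t]/, "", sec)
            next
        }
        sec == "remote" {                      # only keys inside [Remote] count
            line = $0
            sub(/\r$/, "", line)               # tolerate CRLF line endings
            eq = index(line, "=")
            if (eq == 0) next
            key = tolower(substr(line, 1, eq - 1))
            val = substr(line, eq + 1)
            gsub(/[ \t]/, "", key)
            gsub(/[ \t]/, "", val)
            if (key == "allow") allow = val
            if (key == "listen_port") port = val
        }
        END {
            if (allow == "1") {
                if (port ~ /^[0-9]+$/) print "enabled:" port
                else print "enabled:unknown-port"
            } else {
                print "disabled"
            }
        }
    ' "$1"
}

# Constructed sample matching the snippet on the page.
sample=$(mktemp)
printf '[Remote]\nallow=1\nlisten_port=6161\n' > "$sample"
snare_remote_status "$sample"
rm -f "$sample"
```

A host that reports "enabled" is a candidate for the password check recommended above and for restricting access to the listed port.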