Snort & OpenAppID on ESXi virtual Ubuntu (2 NICs)

Network intrusion detection and prevention with Snort and OpenAppID (application identification) on an ESXi Ubuntu virtual machine (2 NICs) with PF_RING. Snort is an open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) created by Martin Roesch in 1998 and owned by Cisco since 2013. For our test we need to …

Bro on ESXi virtual Ubuntu (2 NICs)

A trial of Bro on an ESXi Ubuntu virtual machine (2 NICs) with GeoIP and PF_RING dependencies. Bro is a powerful network analysis framework originally written by Vern Paxson (Professor of Computer Science at Berkeley). It works with scripts and supports clustering for high-throughput environments. It is actually a very powerful complement to Snort. For …