Snort requires 1.0-RC3. On 10/4/06, Donald Pulsipher <[EMAIL PROTECTED]> wrote:
I tried to install the snort package but get an error. This was on my Soekris embedded box with the embedded version 1.0-RC1a. Here is the output : ----- Installation of snort FAILED! Downloading package configuration file... failed! Installation aborted. Installation halted. ----- Do I need to do something to the installed embedded version to allow it to install packages ? Or am I SOL because its embedded ? -Don On Wed, 4 Oct 2006 11:07:15 -0500, "Bill Marquette" <[EMAIL PROTECTED]> wrote: > On 10/4/06, Holger Bauer <[EMAIL PROTECTED]> wrote: >> No, it sees everything. For example running at my WAN though nearly > everything is blocked it detects portscans too and will block this IP (if > enabled) so it can't start a bruteforce against my open ports. If you are > lucky it will even block the intruder before it reaches open ports on your > system for example :-) > > > To be fair, ONLY stateless signatures (or signatures of attacks that > only need one packet to do the damage) and the port scan engine can > make any kind of detection on traffic blocked at the firewall. But > hey, who really cares that someone is trying some uber attack against > you if there's nothing listening? If you want to know that, I'm > afraid you need a honeypot. > > --Bill