Hi John, Is RHEL a requirement? If not, we have Ubuntu packages for the latest versions of PF_RING, Snort, DAQ, etc.: http://blog.securityonion.net/2014/08/new-pfring-snort-suricata-bro-packages.html
On Wed, Sep 3, 2014 at 12:15 PM, John Ives <[email protected]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Thanks for the information. It seems odd that the link would have led > me to the PF_RING source code as it was the README.snort file in the > source code that told me to go to the snort page to get a stable > version of the "PF_RING-DAQ Module." > > Having said that has anyone seen a good information source of how to > compile the latest snort/DAQ with the latest (stable 6.0.1 or devel > 6.0.2) PF_Ring (pref using ZC) on RHEL/CENTOS 6.5. All of the cookbook > sort of docs I have found are written for older versions and don't > include ZC related advances. Additionally, most of them seem to have > minor issues that cause them not to translate to PF_Ring 6.0.X. > > Ultimately, I am trying to get build out several systems, each with > multiple snort instances running across multiple cores monitoring > around 3-4Gbps of traffic per system. This seems like a good scenario > for PF_RING, but figuring it out on my own seems is progressing slowly > and my google fu doesn't seem to be cutting it. > > Thank you, > > John > > On 08/29/2014 11:02 AM, Y M wrote: >> >> >>> Date: Fri, 29 Aug 2014 10:39:06 -0700 From: >>> [email protected] To: [email protected] >>> Subject: [Ntop-misc] PF_RING-DAQ module >>> >> I am trying to build a snort system on RHEL 6.5 and have been >> having some issues. In reading the README.snort file, it mentions a >> "Stable distributions of PF_RING-DAQ module" which was supposed to >> be at http://www.snort.org/snort-downloads/external-daq/. However, >> I believe it was lost in the snort.org redesign. Does anyone know >> if it still exists and if so where it can be found, >>> I am not sure where that link is now but it would eventually have >>> led you to Ntop's sourceforge repo: >>> http://sourceforge.net/projects/ntop/files/PF_RING/. From there >>> you can download the source code for PF_RING. You can also opt in >>> to download from SVN. If you are aiming for packages, you can >>> find the repo here: http://www.nmon.net/packages/ YM >> >> Thank you, >> >> John >> >>> _______________________________________________ Ntop-misc mailing >>> list [email protected] >>> http://listgateway.unipi.it/mailman/listinfo/ntop-misc >> >> >> >> >> _______________________________________________ Ntop-misc mailing >> list [email protected] >> http://listgateway.unipi.it/mailman/listinfo/ntop-misc >> > > - -- > - ------------------------------------------------------------------------- > John Ives > Information Security & Policy Phone (510) 229-8676 > University of California, Berkeley > - ------------------------------------------------------------------------- > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.14 (GNU/Linux) > > iQEcBAEBAgAGBQJUBz6rAAoJEJkidK6qbywsT+oH/1QASu6skEq4M8pfy1MuWeHr > Q3hWguHCwclv0wN6LMcjuK0K2FatKS5lRfjfsufeoR+qPQFQtBYphN//Yt59+bAF > VWpn00xcqbi+v8ac+KWfLxeKFs+JABcWQwpXvtJzJ70/NkNwPhL+FYFllrszaROQ > FjjgufYTc61WyMqDjh4RFSob8MIgsf3Te7rdavRMIB9ZaCHd84qOpOTqGDDT9JI0 > giK8EaOTyb3wsD0DtwrQQKB03n6zRVn+4jtHZNjPKEtmtJOy/Dkn9HhfLIvBRudP > u9Opqyw6N2GrITfyr+VEraq8YVuCmNadSarbnBIZxF17z3UOROQt3yZbjjW+DDI= > =RAkk > -----END PGP SIGNATURE----- > _______________________________________________ > Ntop-misc mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop-misc -- Doug Burks Need Security Onion Training or Commercial Support? http://securityonionsolutions.com _______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
