Language Selection

English French German Italian Portuguese Spanish

Snort on OpenWrt: Guarding the SOHO perimeter

Filed under
HowTos

If you're edgy about security for your SOHO LAN, you might want to consider moving your first line of defense out past your firewall. How about on your router, for example? If your router runs OpenWrt, you can do exactly that, by running Snort, the open source intrusion detection system (IDS) project that has become the most widely deployed IDS in the world. Throw in the firewall that comes out of the box with OpenWrt White Russian, and suddenly the perimeter seems a lot more secure.

Nicholas Thill -- known as Nico in the OpenWrt community -- maintains three separate packages for Snort in his repository of packages. They include a plain Jane version, without any support for logging to a database, and two database-specific packages: one for MySQL and one for PostgreSQL. All are based on the Snort release 2.3.3-1 and are considered to be in a testing state and not yet included in the official release.

For the sake of simplicity, I'll discuss the plain Jane installation in this article.

Full Story.

More in Tux Machines

​Red Hat buys into Docker containers with Atomic Host

Not much over a year ago, few people knew about containers, and fewer still knew about Docker. Since then, the idea of building server and applications out of container-based micro-servers, has exploded in popularity. Red Hat has been watching this and now with Red Hat Enterprise Linux 7 Atomic Host (RHELAH) the company has its own operating system/container pairing to offer the business world. Read more

VMware heads to court over GPL violations

The Software Freedom Conservancy alleges that VMware is using GPL-licensed code in its proprietary products Read more

5 awesome security features to expect in PC-BSD 10.1.2

Five of those security and security-related features were announced today and are on track to be included in the next edition, which should be PC-BSD 10.1.2. They are PersonaCrypt – a command line utility to backup a user’s home directory to an encrypted external media Tor Mode in System Updater Tray Stealth Mode in PersonaCrypt Ports now use LibreSSL by default instead of OpenSSL Support for encrypted backups in Life-Preserver utility Read more

COM Express module runs Linux on a 2.3GHz Tegra K1

Seco is prepping a Linux-friendly COM Express Type 6 Compact module with a quad-core, 2.3GHz Tegra K1 SoC and optional extended temperature support. When we covered the Nvidia Jetson TK1 single board computer last March, we didn’t realize the manufacturer was Seco. In addition to the Jetson TK1 (Seco product page here), Seco is now adding a COM Express Type 6 Compact computer-on-module called the SECOMExp-TK1, which similarly runs Linux on an Nvidia Tegra K1 SoC. Read more