I'm using it mainly for traffic analysis of network flow data. I'll try the tools that you are suggesting though.
Thanks for your reply and your interest.

Antonios

2012/1/17 Doug Burks <[email protected]>
> Hi Antonios,
>
> What exactly do you use SiLK for? You may be able to find the session
> data you're looking for in other tools that already exist in Security
> Onion such as SANCP, Argus, and Bro.
>
> Thanks,
> Doug
>
> On Mon, Jan 16, 2012 at 2:24 PM, Antonios Atlasis
> <[email protected]> wrote:
> > Thanks a lot for your reply, Doug,
> >
> > I am looking forward to it. By the way, can I suggest an additional tool for
> > one of the next releases? I was thinking about SiLK. It may be valuable to
> > some intrusion analysts
> >
> > Antonios
> >
> > 2012/1/16 Doug Burks <[email protected]>
> >>
> >> Hi Antonios,
> >>
> >> Yes, I will most likely spin a new ISO next week. I'm waiting on the new
> >> version of Suricata to be released so I can include it.
> >>
> >> Please let me know if you have any further questions!
> >>
> >> Thanks,
> >> Doug
> >>
> >> On Monday, January 16, 2012, Antonios Atlasis <[email protected]>
> >> wrote:
> >> > Hi Doug
> >> >
> >> > are you planning to release a new iso too? Just wondering...
> >> >
> >> > Congratulations for the great work!
> >> >
> >> > Antonios
> >> >
> >> > 2012/1/16 Doug Burks <[email protected]>
> >> >>
> >> >> Adrian, thanks for the plug and the great video!
> >> >>
> >> >> I just published Security Onion 20120116 which updates Snort to 2.9.2:
> >> >>
> >> >> http://securityonion.blogspot.com/2012/01/security-onion-20120116-now-available.html
> >> >>
> >> >> BTW, if you're a fan of Security Onion, please vote for it for 2011
> >> >> Toolsmith Tool of the Year!
> >> >>
> >> >> http://holisticinfosec.blogspot.com/2011/12/choose-2011-toolsmith-tool-of-year.html
> >> >>
> >> >> Thanks,
> >> >> Doug Burks
> >> >>
> >> >> On Sun, Jan 15, 2012 at 8:37 PM, Adrian Crenshaw
> >> >> <[email protected]> wrote:
> >> >> >
> >> >> > Thanks to Doug Burks (he might make a good interview) for making
> >> >> > building a Network Security Monitoring Server much easier. I mentioned
> >> >> > Snort, Snorby, Barnyard, PulledPork and Daemonlogger in the title, but
> >> >> > there is a lot more on the distro than that. This is a nice way to get
> >> >> > an IDS up and running featuring pretty frontends without going into
> >> >> > dependency hell.
> >> >> >
> >> >> > http://www.irongeek.com/i.php?page=videos/basic-setup-of-security-onion-snort-snorby-barnyard-pulledpork-daemonlogger
> >> >> >
> >> >> > Adrian
> >> >> > --
> >> >> > "The ability to quote is a serviceable substitute for wit." ~ W.
> >> >> > Somerset Maugham
> >> >> >
> >> >> > _______________________________________________
> >> >> > Pauldotcom mailing list
> >> >> > [email protected]
> >> >> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> >> >> > Main Web Site: http://pauldotcom.com
> >> >>
> >> >> --
> >> >> Doug Burks
> >> >> SANS GSE and Community Instructor
> >> >> Security Onion | http://securityonion.blogspot.com
> >> >> President, Greater Augusta ISSA | http://augusta.issa.org
> >> >> Please vote for Security Onion for 2011 Toolsmith Tool of the Year! |
> >> >> http://goo.gl/PwTDi
> >> >
> >> > --
> >> > =================================
> >> > Antonios Atlasis, PhD, MPhil
> >> > GIAC GREM, GPEN, GWAPT, CCIH, GCIA

--
=================================
Antonios Atlasis, PhD, MPhil
GIAC GREM, GPEN, GWAPT, CCIH, GCIA
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
