phillip bailey's picture

Dear all,

I'm pleased to announce the release of Snorby Appliance based on Turnkey.

This virtual appliance have been developed to provide an out of the box
runing  web front end for snort, the popular ids . The snorby web interface
is  developed by Dustin Webber. This appliance is indicated for security
professionals with a depth knowledge of intrusion detection and security
monitoring.  Nevertheless beginners can use the appliance to to understand
and learn about intrusion detection and network security.

Snorby website: http://snorby.org

Snorby appliance web site: http://bailey.st/blog/snorby-spsa/

best regards ,
Phillip Bailey

Forum: 
Jeremy Davis's picture

If you follow the second link above (Snorby appliance web site) it states that the project has moved to http://www.bailey.st/blog/snorby-spsa/

If you follow that link you will see the new iso download.

phillip bailey's picture

Url correcterd

Liraz Siri's picture

Excellent work Phillip. It's great to see upstream pick up the glove and leverage TurnKey. We'd love to pull this work into the next release and a TKLPatch will help do that.
Vitor Leitao's picture

Hello,

I'm a beginner user of Snorby. I have been downloaded the ISO file, create a boot CD and everything goes right. But when I start Snorby, my sensors are only the loopback interface, even with an eth1 interface configured. Actually the appliance is connected in a Cisco Router 877 without any port mirroring.

If I start snort in a verbose mode I can see captured packets, but snorby doesn't capture nothing.

How can  I change the interfaces that I wish to capture packets?

Any tip?

Best Regards,

 

Vitor

Add new comment