| Anonymous | Login | 2024-04-23 14:42 EDT |  |
| Main | My View | View Issues | Change Log | Roadmap |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | |||
| 0001141 | PacketFence | IDS | public | 2010-12-20 09:26 | 2012-08-07 09:53 | |||
| Reporter | fgaudreault | |||||||
| Assigned To | obilodeau | |||||||
| Priority | low | Severity | feature | Reproducibility | N/A | |||
| Status | closed | Resolution | fixed | |||||
| Platform | OS | OS Version | ||||||
| Product Version | 2.0.0 | |||||||
| Target Version | 3.5.0 | Fixed in Version | 3.5.0 | |||||
| Summary | 0001141: Support for surricata IDS | |||||||
| Description | Suricata is another SNORT-like IDS coded in C. With our early tests, it would be possible to integrate it in PacketFence. However, we need suricata developpers to add the "log to socket" support. | |||||||
| Tags | No tags attached. | |||||||
| fixed in git revision | ||||||||
| fixed in mtn revision | ||||||||
| Attached Files | ||||||||
 Relationships |
||||||
|
||||||
 Relationships |
|
Notes |
|
|
(0001929) fgaudreault (viewer) 2011-03-15 17:05 |
Using suricata 1.1beta1 can now interact with PF. We can see the alerts coming in the packetfence.log. Now to officially support suricata, we need to refactor the detection part to allow support for different IDS, and make the IDS selectable via a configuration settings. |
|
(0001930) fgaudreault (viewer) 2011-03-15 17:07 |
Reminder sent to: obilodeau I guess you would like to follow this thread... |
|
(0002055) obilodeau (reporter) 2011-05-04 11:36 |
re-targeted for +1 release |
|
(0002335) fgaudreault (viewer) 2011-10-11 16:39 |
Adding variable to select snort or surricata under trapping. I will name it : trapping.detection_engine so : trapping.detection_engine=snort|surricata That will be very easy afterward to enable surricata support. I started a new branch for that integration. org.packetfence.feature.suricata |
|
(0002344) fgaudreault (viewer) 2011-10-13 15:30 |
Integration is working. To be reviewed prior merge. |
|
(0002348) obilodeau (reporter) 2011-10-14 09:18 |
Did review in 0000956. Sorry for the confusion. |
|
(0002857) fgaudreault (viewer) 2012-08-01 14:09 |
Fixed in 3.5.0 |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2010-12-20 09:26 | fgaudreault | New Issue | |
| 2011-03-15 17:03 | fgaudreault | Status | new => assigned |
| 2011-03-15 17:03 | fgaudreault | Assigned To | => fgaudreault |
| 2011-03-15 17:05 | fgaudreault | Note Added: 0001929 | |
| 2011-03-15 17:06 | fgaudreault | Target Version | 3 => 2.2.0 |
| 2011-03-15 17:07 | fgaudreault | Note Added: 0001930 | |
| 2011-05-04 11:36 | obilodeau | Note Added: 0002055 | |
| 2011-05-04 11:36 | obilodeau | Target Version | 2.2.0 => +1 |
| 2011-10-11 16:39 | fgaudreault | Note Added: 0002335 | |
| 2011-10-13 15:30 | fgaudreault | Note Added: 0002344 | |
| 2011-10-13 15:30 | fgaudreault | Assigned To | fgaudreault => obilodeau |
| 2011-10-13 15:31 | fgaudreault | Tag Attached: Code Review | |
| 2011-10-14 09:18 | obilodeau | Note Added: 0002348 | |
| 2011-10-14 09:19 | obilodeau | Relationship added | related to 0000956 |
| 2012-01-06 09:05 | fgaudreault | Description Updated | |
| 2012-08-01 14:09 | fgaudreault | Note Added: 0002857 | |
| 2012-08-01 14:09 | fgaudreault | Status | assigned => closed |
| 2012-08-01 14:09 | fgaudreault | Resolution | open => fixed |
| 2012-08-01 14:09 | fgaudreault | Fixed in Version | => 3.5.0 |
| 2012-08-03 10:20 | dwuelfrath | Tag Detached: Code Review | |
| 2012-08-07 09:53 | obilodeau | Target Version | +1 => 3.5.0 |
|
Issue History |
| Copyright © 2000 - 2012 MantisBT Group |
 |