
Prads 0.2.0 released

As Kacper stated here, PRADS 0.2.0 has been released!

You can download some Debian packages here, or you can check out the Git repo here.

Bug reports, issues, thoughts or any comments are very welcome!

Enjoy!


4 thoughts on “Prads 0.2.0 released”

  1. Carlos Lopez says:

    Hi Edward,

    Do you have any doc about how to replace pads with prads for use with sguil? Or do I need to enable fifo output only?

    Thanks.


    • Carl,
      At the moment, you should use the git version… We did some coding to add better support, but I don’t think we finished it and committed it… If you actively use it, please keep in touch, and we will add all the features you need and fix anything if you have a problem! ATM, use the “-f ” option to replace with pads… the src and dst IP is not 100% but still useful. Working on fixing it!

      E


  2. Carlos Lopez says:

    Thanks Edward. I have installed prads from git but nothing is logged. My command line is:

    “prads -D -c /data/config/etc/snort-common/prads.conf -a 10.0.4.0/29,172.17.47.24/29,172.18.55.0/28,172.25.50.0/27”

    and my prads.conf is:

    arp=1
    service_tcp=1
    client_tcp=1
    service_udp=1
    os_syn_fingerprint=1
    os_synack_fingerprint=1
    os_ack_fingerprint=1
    os_rst_fingerprint=1
    os_fin_fingerprint=1
    os_udp=0
    icmp=1
    os_icmp=0
    log_file=/var/log/prads.log
    pid_file=/var/run/prads-idshybrid.pid
    interface eth2
    asset_log=/nsm/sensor_data/idshybrid/prads/prads-asset.log
    fifo=/nsm/sensor_data/idshybrid/prads.fifo

    Thanks.


  3. Carlos Lopez says:

    Ok, I have found where the problem is. If I configure which interface to listen on in prads.conf, it doesn’t work if the NIC is different from eth0. But if you pass the interface param from the command line using the -i switch, all works.

    Can this be a bug?

