As Kacper stated here, PRADS 0.2.0 has been released!
You can download some Debian packages here, or you can check out the Git repo here.
Bug reports, issues, thoughts or any comments are very welcome!
Enjoy!
Hi Edward,
Do you have any doc about how to replace pads with prads for use with sguil? Or do I need to enable fifo output only?
Thanks.
Carl,
At the moment, you should use the git version… We did some coding to add better support, but I don’t think we finished it and committed it… If you actively use it, please keep in touch, and we will add all the features you need and fix anything if you have a problem! ATM, use the “-f ” option to replace with pads… the src and dst IP is not 100% but still useful. Working on fixing it!
E
Thanks Edward. I have installed prads from git but nothing is logged. My command line is:
“prads -D -c /data/config/etc/snort-common/prads.conf -a 10.0.4.0/29,172.17.47.24/29,172.18.55.0/28,172.25.50.0/27”
and my prads.conf is:
arp=1
service_tcp=1
client_tcp=1
service_udp=1
os_syn_fingerprint=1
os_synack_fingerprint=1
os_ack_fingerprint=1
os_rst_fingerprint=1
os_fin_fingerprint=1
os_udp=0
icmp=1
os_icmp=0
log_file=/var/log/prads.log
pid_file=/var/run/prads-idshybrid.pid
interface eth2
asset_log=/nsm/sensor_data/idshybrid/prads/prads-asset.log
fifo=/nsm/sensor_data/idshybrid/prads.fifo
Thanks.
OK, I have found where the problem is. If I configure which interface to listen on in prads.conf, it doesn’t work if the NIC is different from eth0. But if you pass the interface param on the command line using the -i switch, everything works.
Can this be a bug?