esammons at hush.com
Wed Jun 27 00:00:32 EDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
On behalf of The Honeynet Project and Research Alliance, and the
rest of the honeywall team we want to thank everyone for joining
this list (currently 40 members) which will be dedicated to various
discussions of the Honeynet Project's Honeywall and related
It is here that we hope to stimulate discussion about how to use,
debug, fix, customize, and further develop the Honeynet Project's
Honeywall. One sugested starting point (Watson) was to seek
feedback on what people think the good/bad points are for what it
is we have today, namely roo-1.2.
We're working on setting some wiki space or similar up. Until
then, it might be best to decide on a way that will help us
maintian organization of feedback. One idea is to decide on how to
break things down into functional component based discussion topics
that we weed through until we have all aspects covered then move to
the next. Something like this might work:
Use Cases - Are they all covered? Are we trying to cover too many?
OS - OS ver, init handling, packaging, updating, building, etc.
Data Control - Snort-Inline, IPTables config etc.
Data Capture - Hflow, Sebek, Argus, TCPDump, Snort
Data Analysis - Walleye, others?
Let me know if this sounds like a good place to start and if so,
what else needs to be listed above or removed form above before we
start. If this does make sense, kets all agree on the list above
before we dig in...
I know this thing has issues so don't be shy about poniting out
where to make improvements ;P
thanks again for joining and feel free to chme in with any other
questions / concerns as we work on the good/bad discussion.
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5
-----END PGP SIGNATURE-----
More information about the Honeywall