[Honeywall] Welcome!

Earl esammons at hush.com
Thu Jun 28 00:50:43 EDT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Stefan/all,

Yeah, that wasnt very clear was it...  Maybe this is a little
better...

Use Cases - Are they all covered?  Are we trying to cover too many?
Footprint - Install ISO, Live CD, USB stick, Application only
OS related - init handling, packaging, updating, system health, etc.
Data Control - Snort-Inline, IPTables config etc.
Data Capture - Hflow, Sebek, Argus, TCPDump, Snort
Data Analysis - Walleye, Add others? Re-build?
Build Process - How the honeywall is built from source(es) - We'll
save this one for last.  By then we should (hopefully) have the
public read-only SVN repo opend so I cna demo what we have now for
comparison.

Keep in mind I'm tossing this up to help us fire up some general
discussion, albeit somewhat categorized, on what to leave alone,
tweak, fix, remove, completely re-design, whatever...

Suggestions on a better approach are welcomed!


Earl


On Wed, 27 Jun 2007 03:58:36 -0400 Stefan Kelm
<stefan.kelm at secorvo.de> wrote:
>> Use Cases - Are they all covered?  Are we trying to cover too
>many?
>> OS - OS ver, init handling, packaging, updating, building,  etc.
>> Data Control - Snort-Inline, IPTables config etc.
>> Data Capture - Hflow, Sebek, Argus, TCPDump, Snort
>> Data Analysis - Walleye, others?
>> Build Process
>>
>> Let me know if this sounds like a good place to start and if so,
>> what else needs to be listed above or removed form above before
>we
>> start.  If this does make sense, kets all agree on the list
>above
>> before we dig in...
>
>Well done, Earl!
>
>Two minor questions:
>
> - what's the difference between the "build process"
>   and "OS ... building"?
> - do we need a separate topic on "general roo config"?
>
>Cheers,
>
>	Stefan.
>
>--------------------------------------------------------
>T.I.S.P.  -  Lassen Sie Ihre Qualifikation zertifizieren
>vom 25.-30.06.2007 - http://www.secorvo.de/college/tisp/
>--------------------------------------------------------
>Stefan Kelm
>Security Consultant
>
>Secorvo Security Consulting GmbH
>Ettlinger Strasse 12-14, D-76137 Karlsruhe
>Tel. +49 721 255171-304, Fax +49 721 255171-100
>stefan.kelm at secorvo.de, http://www.secorvo.de/
>PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B
>
>Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox
>_______________________________________________
>Honeywall mailing list
>Honeywall at public.honeynet.org
>https://public.honeynet.org/mailman/listinfo/honeywall
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5

wkYEARECAAYFAkaDOeYACgkQk7+e+4lPSm3DiQCghUy9XbqlWkkPQ7fr4H0kYiT69BEA
nArqrp2w23Vf7YrqQ8iLfRsDZqfs
=NnnL
-----END PGP SIGNATURE-----




More information about the Honeywall mailing list