[unisog] Dshield like submission for local campus

Johannes B. Ullrich jullrich at euclidian.com
Mon Jun 13 19:34:02 GMT 2005


Valdis.Kletnieks at vt.edu wrote:
>On Mon, 13 Jun 2005 10:28:17 PDT, Joe Little said:
>
>>Ok.. I'm not seeing from dshield how one sets this up themselves. Is
>>there a pointer somewhere?
>>
>
>Randy - can you find out what the current Official Party Line is on the
>code availability? It's flip-flopped so many times even *I* don't know
>what it is now...
>
The code is available under a GPL license. One of the problems is that
it is constantly changing and I never setup a good system to distribute
it (its in CVS and such, but for example you also need a lot of data
like country lookup tables and such). We do expect that users of the
code contribute data back to DShield.

For me, one of the problems in the past was support of users of the code.

Write me off-list if you are interested. I should finally setup a
mailing list for users of the backend to allow support among the users.

(BTW: If anybody is at SANFIRE in Atlanta this week, look me up...)



>Everybody else - I've discovered the single biggest problem in running one of
>these is that users can never figure out how to submit really good firewall logs
>by themselves (no matter what ICF claims, broadcast packets to port 631 are
>probably *not* attack packets, and need to be filtered out. ;)
>
>------------------------------------------------------------------------
>
>_______________________________________________
>unisog mailing list
>unisog at lists.sans.org
>http://www.dshield.org/mailman/listinfo/unisog
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://www.dshield.org/pipermail/unisog/attachments/20050613/2b3ec5d1/signature.bin


More information about the unisog mailing list