Demarc Releaes Sentarus Home Edition (snort front end)
Results 1 to 8 of 8

Thread: Demarc Releaes Sentarus Home Edition (snort front end)

  1. #1
    Senior Member
    Join Date
    Jun 2003
    Posts
    236

    Demarc Releaes Sentarus Home Edition (snort front end)

    This came out on freshmeat this morning.
    Instead of going to freshmeat though heres a direct link

    http://www.demarc.com/downloads/Sentarus_fm/

    I know there are many of us here that are Snort and PureSecure users.
    The only issue is that this is not a simple program like PureSecure but a full ISO that has an OS and everything. So basically this means you need to have a machine dedicated to IDS (err actually IPS).

    Id be curious if someone does have the extra hardware to hear what the biggest differences between PureSecure and Sentarus is. I guess I could maybe deploy this on vmware, but even my vmware is very old and not sure if it could handle it.
    That which does not kill me makes me stronger -- Friedrich Nietzche

  2. #2
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    From Sentarus HomeAdmin
    the free Sentarus HomeAdmin Edition is an indispensible tool for security professionals and experienced engineers to deploy in a home lab environment.
    Translated: Loosers and lamers keep away! This is for customers ( so they don't have to violate the end-user agreements ) and potential customers only ( so they can get comfortable with it and recommend it for their workplaces ). And don't ask us a lot of stupid questions, you're supposed to be professionals!

    This is not criticism. I rather like the idea actually, even though I don't believe I fit in there.

    Other observations:
    Freshmeat says this is a pre-release, but I see no mention of that on the Demarc site.

    Here is where I get confused. The home-page says,
    Note: Sentarus HomeAdmin requires installation on a dedicated server with at least a 1GHz Pentium III (or similar class) processor, 256MB RAM and a 10GB hard disk.
    But in the Sentarus_HomeAdmin_1.0_Admin-sw.pdf
    it says
    Processor: Intel Pentium IV, 1.6 GHz or similar class, 768MB RAM and a 80GB hard disk for Management Console installations and 30GB for network sensor installations
    oh, and also says
    Caution: The Installation CD reformats the hard drive and erases any data that exists on the server.
    I really wish I had a spare machine ... I would love to run this along side snort ( it includes an “ enhanced Snort engine" ), and appears to have some really pretty screens! running on .... BSD ???

    Anyone have experience with the Enterprise version?
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

  3. #3
    Senior Member
    Join Date
    Mar 2004
    Location
    Colorado
    Posts
    421
    Originally posted here by IKnowNot
    From Sentarus HomeAdmin

    This is not criticism. I rather like the idea actually, even though I don't believe I fit in there.

    Other observations:
    Freshmeat says this is a pre-release, but I see no mention of that on the Demarc site.

    Their site mentions pre-release.

    Maybe they just added it.

    "Description: Sentarus HomeAdmin 1.0 Pre-release, Bootable CDR/RW ISO Image Installer"

  4. #4
    Senior Member
    Join Date
    Jun 2003
    Posts
    236
    The iso I got was Sentarus_HomeAdmin-1.0PR.iso
    I am assuming PR is pre-release.

    Not sure about the hardware specs though. I only have 512 total ram on my system at home but I will try to make a vmware image with 256 and see if that works.
    That which does not kill me makes me stronger -- Friedrich Nietzche

  5. #5
    Senior Member
    Join Date
    Jun 2003
    Posts
    236
    The info on the site was actually correct and the doc looks messed up.
    256MB of ram worked. I would bet the docs are a port from the enterprise edition.

    I mean theres only one disc that has a Management Console and a Network Senor on it. The doc makes it sounds like theres requirements for 2 types of ISO's.
    That which does not kill me makes me stronger -- Friedrich Nietzche

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    I saw this when PureSecure first released the appliance. I like PureSecure as a "real time" monitor bit find it a tad limited in it's 'reporting' capability. I like it's service checking system and use it extensively alongside the 'real time' view of things but I have dropped the integrity checker in favor of GFI's free system... It's a personal preference thing mostly but I did find, on a couple of occasions, that if there was a problem with the MySQL database on the PureSecure box then the biggest headache was getting the integrity checkers to properly re-register themselves etc. Usually it required an entire reinstall of the system which meant data loss.... maybe I wasn't doing it right, but the PureSecure "knowledgebase" is a little limited too....

    I dismissed Sentarus on the basis of cost and the fact that I have a perfectly functional and relatively low maintenance system in place right now - yes, it could be improved and I am always looking for ways to do so without spending a non-existent budget....

    I think IKnownot has it about right when he says:-

    Loosers and lamers keep away! This is for customers ( so they don't have to violate the end-user agreements ) and potential customers only ( so they can get comfortable with it and recommend it for their workplaces ). And don't ask us a lot of stupid questions, you're supposed to be professionals!
    What I don't get about the "sales pitch" is that if this is for home use what the hell do you have behind this box that needs so much security and if you keep stuff that sensitive on your home network then you should probably reconsider how you carry out your work in the first place.... At least keep that stuff on a network with an airwall.... Sentarus is overkill if all you are trying to prevent is your own identity theft.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  7. #7
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    What I don't get about the "sales pitch" is that if this is for home use what the hell do you have behind this box that needs so much security and if you keep stuff that sensitive on your home network then you should probably reconsider how you carry out your work in the first place.... At least keep that stuff on a network with an airwall.... Sentarus is overkill if all you are trying to prevent is your own identity theft. [/B]
    The sales pitch makes sense to me. I always play with new technology on my home network or in a "home lab" type of environment. They probably stress "home" so people won't use it in a work or production environment. The home version is for evaluation. They have a version you can buy for work.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  8. #8
    Senior Member
    Join Date
    Jun 2003
    Posts
    236
    Yes overkill for sure. And I dont have the addtional hardware to keep this going on.
    I will continue to use my PS since its on my server that hosts a number of services.
    I actually just wanted to get my hands on it from a technology stand point.
    That which does not kill me makes me stronger -- Friedrich Nietzche

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •