argus-clients-3.0.0.rc.9.tar.gz compiles clean
Peter Van Epp
vanepp at sfu.ca
Wed Jun 21 15:22:20 EDT 2006
On Wed, Jun 21, 2006 at 02:09:35PM -0400, Carter Bullard wrote:
> Hey Peter,
> A major achievement!!!! I was next going to suggest that you
> get some other machines ;o) Thanks for all the work!!!!!!
Thats in the works :-). I have a pair of IBM P510 Power5 machines on
order for argus sensors (one prod, one test) and we have ordered a dozen or so
Sun 4200 Opteron boxes that I expect to be able to appropriate one of to try out
the 64 bit code (and the linux ring buffer code) on. That means I can put
one of the Power 5 boxes with 3.0 on on the regen taps on my inbound link in
parallel with the 2.0.6 sensor and do a live A/B test between them one way or
another (the ring buffer code seems to be unstable on our current kernel, but
an upgrade is in the works).
>
> I have more fixes in the works, but I suspect that I need to
> update the documentation, now. You had some man page
> patches? Any more?
Not so far, I haven't poked very far yet :-). I've just been playing
with ra from clients.rc.9 to see whats missing against 2.0.6. It may be
necessary to fix 2.0.6 to print some of the fields that 3.0 can find as well
as the ones that 3.0 is currently missing :-).
>
> Carter
>
On the subject of tcpdump test files:
http://cctf.shmoo.com/
holds the tcpdump files from the Defcon capture the flag hacking test network
which should have every odd and illegal packet known to man in them :-).
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada
More information about the argus
mailing list