FW: Argus on Security Onion
David Edelman
dedelman at iname.com
Thu Oct 10 20:58:44 EDT 2013
The latest release of Security Onion now contains a fully functional
/etc/argus.conf which exposes all of the previously unavailable Argus
features
--Dave
-----Original Message-----
From: Doug Burks [mailto:doug.burks at gmail.com]
Sent: Thursday, October 10, 2013 8:08 AM
To: David Edelman
Subject: Re: [ARGUS] Argus on Security Onion
On Mon, Aug 12, 2013 at 8:20 PM, David Edelman <dedelman at iname.com> wrote:
> Actually it's all rather irrelevant. The sole change is to the command
line
> that you use to (re)start Argus. Currently you have a hardcoded -P0 to
> prevent opening a listening port for the use of the clients. You also do
not
> provide an /etc/argus.conf file with the distribution.
>
> In short the single hardcoded parameter -P0 prevents Argus from working as
> expected by most Argus users and by providing a simple mechanism for
> eliminating it keeps Argus users out of the SO command files while still
> allowing them to do what they expect to do.
>
> If I provide an argus.conf file that parrots your command line (minus the
-w
> filenameToWriteTo) and you reduce the parameters for Argus to the -w
> filename . Everyone wins since the Argus folks will do what they normally
do
> and the non-Argus folks will still have exactly what they have now.
>
> We tell the folks on The Argus mailing list about the conf file (which
they
> expect to see) and let them do what they wish.
Hi David,
Your fixes have been published if you'd like to notify the Argus mailing
list.
http://securityonion.blogspot.com/2013/10/new-nsmsetup-packages-now-availabl
e.html
Thanks so much!
Doug
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6283 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20131010/9d9cbbda/attachment.bin>
More information about the argus
mailing list