Longpork, a python Snort, PulledPork, Barnyard2 installer for Ubuntu v1.1 release

So, it’s not really a ‘release’, it’s just a Python script. And this isn’t a giant update over the first version I put up a bit ago. The functionality has not essentially changed.

That said, if you want to look at the actual python code, it’s a heck of a lot better. I learned a fair amount this past month while I look for work, and decided today to go ahead and put it to use. I updated the parts of this script that were truly UGLY. The Snort version it pulls is now the newest as well. I added more data validation to the Snort rule creator, and did it in a way that involved code I wrote, rather than a cookbook script. So, outside of 1 single recipe (which is noted in the code) any horribleness you see here is all me.

The script has again been tested on Ubuntu 10.04, 10.04.2, and 11.04, and it works well. Older versions of Ubuntu may or may not work.

If you want a version for a Linux distro rather than Ubuntu, let me know. It wouldn’t take much to whip one up for you, and I could use the practice.

My next plan is to change the Rule Creator into something more interactive that updates the starting SID number based on rules already in your local rules file, and asks what fields you want to include, asking you to input info for each field. We’ll see where that goes, as I have time.

Have tips, questions, or comments on my code? Hit me up! Leave a comment! Rail at my inedptitude! Chances are good it will make me better.

Download Longpork

Advertisements

~ by Benjamin Kenneally on June 16, 2011.

3 Responses to “Longpork, a python Snort, PulledPork, Barnyard2 installer for Ubuntu v1.1 release”

  1. […] longpork.py […]

  2. Hey there! I just want to offer you a big thumbs up for the great info you
    have got here on this post. I’ll be coming back to your
    site for more soon.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

 
%d bloggers like this: