Wesley Shields wrote:
If someone wants to tackle an ossim port, they will first have to create a port for spade. Then, after the spade port has been accepted into the ports tree, they can create the ossim port. The ossim website doesn't even provide any links to spade, or any of the other applications it uses, nor does it provide instructions on how they integrate into ossim.On Thu, Aug 17, 2006 at 12:22:33PM +0200, [EMAIL PROTECTED] wrote:Hi,I need use ossim (www.ossim.net), a security tool that provides patch for snort, ntop, arpwatch, tcptrack, base, ecc.Can you apply ossim patch to the snort port?You sent me the same message but asking me to apply the patch to the ntop port. As I told you in my reply I don't think ossim provides patches to the various applications but rather bundles them all together with some glue and a web front end. If anything there should be an ossim port. Of course, this is all from a 5 minute glance through the webpage you linked to so I could be entirely wrong. If anyone has the time to port ossim I'm sure it would be appreciated by the original poster.
Once you've gotten spade accepted, you'll have to deal with a a boatload of dependencies and options to get the port working as the end-users will expect. You'll have to check for, and install if necessary, arpwatch, p0f, pads, nessus, snort, mysql, spade, tcptrack, ntop, nagios and possibly osiris.
I've been down this road before. I decided to build ports for sguil. I first had to port barnyard and sancp and fix the iwidgets port (so I became maintainer.) The sguil ports are *still* not in the ports tree, and I started this project well over a year ago. I actually had to scrap my original sguil ports because sguil had a major revision before any of them were accepted.
That's what you face if you want to port ossim. Good luck. -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/
smime.p7s
Description: S/MIME Cryptographic Signature
