Page 1 of 2 12 LastLast
Results 1 to 10 of 15
  1. #1
    Untangler
    Join Date
    Nov 2008
    Location
    Spring, TX
    Posts
    83

    Default Emerging Threats Integration

    The below link is a feature request to integrate the rules for the intrusion prevention module and/or the firewall module.

    http://bugzilla.untangle.com/show_bug.cgi?id=5713
    --
    greyman & his :twocents:

  2. #2
    Master Untangler
    Join Date
    May 2008
    Posts
    126

    Default

    This would be nice...

  3. #3
    Master Untangler
    Join Date
    Aug 2008
    Posts
    112

    Default

    email me if interested. I'm integrating this as we speak. Like a couple beta testers. Expect to have running within a couple days if all goes well. dcbour at desktopsolutioncenter dot ca (the usual lame but semi effecive spambot deterrent..sub the at and dot with the respective characters).
    I'll post the solution once I've got it working too. Andrew in support is aware of this coming too per conversations earlier this week.

  4. #4
    Master Untangler
    Join Date
    Sep 2008
    Posts
    345

    Default

    Quote Originally Posted by dcbour View Post
    email me if interested. I'm integrating this as we speak. Like a couple beta testers. Expect to have running within a couple days if all goes well. dcbour at desktopsolutioncenter dot ca (the usual lame but semi effecive spambot deterrent..sub the at and dot with the respective characters).
    I'll post the solution once I've got it working too. Andrew in support is aware of this coming too per conversations earlier this week.
    Hey, I just send you an e-mail

    Thanks

  5. #5
    Master Untangler
    Join Date
    Aug 2008
    Posts
    112

    Default

    Alpha release of this now available - outside of the Untangle project (unless they incorporate it
    Email me and I'll send you the script. It's a simple bash script which you simply transfer to your box. I'll assume you're well versed in file transfer, crontab or however you chose to run it, ie Linux newbies - not ready for prime time yet.
    dcbour at desktopsolutioncenter dot ca
    Take care.
    Dave

  6. #6
    Master Untangler
    Join Date
    Aug 2008
    Posts
    112

    Default

    Beta 0.3 released... Files available on the bugzilla or via email from me at dcbour at desktopsolutioncenter dot ca.

    http://bugzilla.untangle.com/show_bug.cgi?id=5713

    Wanted: someone capable of adding a web page to update the exceptions file included so it can be controlled easier rather than via ssh. Email me for details if interested.
    Last edited by dcbour; 01-13-2009 at 02:58 AM.

  7. #7
    Master Untangler
    Join Date
    Oct 2008
    Posts
    141

    Default

    Just downloaded and tested it. seams to be updating the IPS rules. But it still took me offline for a while there! I forgot to store the output in a >log.txt. Sorry :

    Using this version: http://bugzilla.untangle.com/attachment.cgi?id=1161

  8. #8
    Master Untangler
    Join Date
    Oct 2008
    Posts
    113

    Default

    Guys - any way to get in touch with Untangle Management? this needs to be an app if the mainstream user community is going to get any benefit from it. I think its great we have another IPS style package - and FREE... come on UT.. where are the API's we heard about?

  9. #9
    Master Untangler
    Join Date
    Aug 2008
    Posts
    112

    Default

    As the "developer" of this add-on, it does use the IPS module. This simply integrates an expanded set of rules. It also shows how one could go about expanding their own rules if they so chose.
    From the developers (of UT), I can see their need to not include this as their rules go through a strict quality control aspect before releasing them.
    This is at the whimsy of the Emerging Threats team and their data collection. As a result, several rules may be edited several times a day as they are tweaked, resulting in false positives, etc.
    All that said, I still find it beneficial as have several others.
    From my perspective, what would be nice from the developers is an API or instructions on how to reload modules rather than my "hack" at doing it, which is guaranteed to be less efficient than what the untangle code does when it reloads. That said, if I understood Java code (or spent the time to find it), since it is all open source, I could probably find out but I haven't had that liberty.
    As to mainstream, as I introduced it, it's still a beta release, in my opinion. Though I can't write a instructions clearly enough like the likes of silver bullet or sky-knight and some others, I hope that attaching the modules to the bugzilla is adequate. If you wish to join the beta team, let me know and I'll keep you in the loop as I do updates. The team seems the releases about 24 hrs before the bugzilla posting to help me iron out issues prior to the release.
    Hope that helps everyone.
    Dave
    Last edited by dcbour; 01-21-2009 at 01:52 AM.

  10. #10
    Untangler
    Join Date
    Nov 2008
    Location
    Spring, TX
    Posts
    83

    Default

    Quote Originally Posted by whatuusay1 View Post
    Guys - any way to get in touch with Untangle Management?
    I started this with a feature request.

    http://bugzilla.untangle.com/show_bug.cgi?id=5713
    --
    greyman & his :twocents:

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2