Monthly Archives: August 2014

Snort

Snort

Erster Eindruck: Die stark ├╝berarbeitete Snort-Version 2.0, 06/2003
Intrusion Detection mit Snort, Snorby, Open FPC und Pulled Pork, 04/2011
OpenBSD: Snort Intrusion Detection System, July 23 2011
Understanding the Snort architecture
Design of a multimedia traffic classifier for Snort

Snort2Pf

Snort2Pf
Snort2Pf is a small Perl daemon which greps Snort’s alertfile and blocks the “naughty” hosts for a given amount of time using pfctl.

VirtualBox

VirtualBox 6 on Ubuntu

$ sudo dpkg -i virtualbox-6.0_6.0.12-133076~Ubuntu~bionic_amd64.deb 
[sudo] password for andreas:         
Selecting previously unselected package virtualbox-6.0.
(Reading database ... 253319 files and directories currently installed.)
Preparing to unpack virtualbox-6.0_6.0.12-133076~Ubuntu~bionic_amd64.deb ...
Unpacking virtualbox-6.0 (6.0.12-133076~Ubuntu~bionic) ...
dpkg: dependency problems prevent configuration of virtualbox-6.0:
 virtualbox-6.0 depends on libqt5opengl5 (>= 5.0.2); however:
  Package libqt5opengl5 is not installed.
 virtualbox-6.0 depends on libqt5printsupport5 (>= 5.0.2); however:
  Package libqt5printsupport5 is not installed.
 virtualbox-6.0 depends on libqt5x11extras5 (>= 5.6.0); however:
  Package libqt5x11extras5 is not installed.

dpkg: error processing package virtualbox-6.0 (--install):
 dependency problems - leaving unconfigured
Processing triggers for ureadahead (0.100.0-21) ...
ureadahead will be reprofiled on next reboot
Processing triggers for systemd (237-3ubuntu10.23) ...
Processing triggers for gnome-menus (3.13.3-11ubuntu1.1) ...
Processing triggers for desktop-file-utils (0.23+linuxmint6) ...
Processing triggers for mime-support (3.60ubuntu1) ...
Processing triggers for hicolor-icon-theme (0.17-2) ...
Processing triggers for shared-mime-info (1.9-2) ...
Errors were encountered while processing:
 virtualbox-6.0

$ sudo apt-get --fix-broken install
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Correcting dependencies... Done
The following additional packages will be installed:
  libqt5opengl5 libqt5printsupport5 libqt5x11extras5
The following NEW packages will be installed:
  libqt5opengl5 libqt5printsupport5 libqt5x11extras5
0 upgraded, 3 newly installed, 0 to remove and 269 not upgraded.
1 not fully installed or removed.
Need to get 318 kB of archives.
After this operation, 1'316 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 libqt5opengl5 amd64 5.9.5+dfsg-0ubuntu2.3 [132 kB]
Get:2 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 libqt5printsupport5 amd64 5.9.5+dfsg-0ubuntu2.3 [178 kB]
Get:3 http://archive.ubuntu.com/ubuntu bionic/universe amd64 libqt5x11extras5 amd64 5.9.5-0ubuntu1 [8'596 B]
Fetched 318 kB in 1s (528 kB/s)              
Selecting previously unselected package libqt5opengl5:amd64.
(Reading database ... 254250 files and directories currently installed.)
Preparing to unpack .../libqt5opengl5_5.9.5+dfsg-0ubuntu2.3_amd64.deb ...
Unpacking libqt5opengl5:amd64 (5.9.5+dfsg-0ubuntu2.3) ...
Selecting previously unselected package libqt5printsupport5:amd64.
Preparing to unpack .../libqt5printsupport5_5.9.5+dfsg-0ubuntu2.3_amd64.deb ...
Unpacking libqt5printsupport5:amd64 (5.9.5+dfsg-0ubuntu2.3) ...
Selecting previously unselected package libqt5x11extras5:amd64.
Preparing to unpack .../libqt5x11extras5_5.9.5-0ubuntu1_amd64.deb ...
Unpacking libqt5x11extras5:amd64 (5.9.5-0ubuntu1) ...
Setting up libqt5x11extras5:amd64 (5.9.5-0ubuntu1) ...
Setting up libqt5printsupport5:amd64 (5.9.5+dfsg-0ubuntu2.3) ...
Setting up libqt5opengl5:amd64 (5.9.5+dfsg-0ubuntu2.3) ...
Processing triggers for libc-bin (2.27-3ubuntu1) ...
Setting up virtualbox-6.0 (6.0.12-133076~Ubuntu~bionic) ...
Adding group `vboxusers' (GID 129) ...
Done.
vboxdrv.sh: failed: modprobe vboxdrv failed. Please use 'dmesg' to find out why.

There were problems setting up VirtualBox.  To re-start the set-up process, run
  /sbin/vboxconfig
as root.  If your system is using EFI Secure Boot you may need to sign the
kernel modules (vboxdrv, vboxnetflt, vboxnetadp, vboxpci) before you can load
them. Please see your Linux system's documentation for more information.

Your system has UEFI Secure Boot enabled.                                                                                                                                                                                              

UEFI Secure Boot requires additional configuration to work with third-party drivers.                                                                                                                                                     

The system will assist you in configuring UEFI Secure Boot. To permit the use of
third-party drivers, a new Machine-Owner Key (MOK) has been generated.
This key now needs to be enrolled in your system's firmware.

To ensure that this change is being made by you as an authorized user, and not by
an attacker, you must choose a password now and then confirm the change after
reboot using the same password, in both the "Enroll MOK" and "Change Secure Boot
state" menus that will be presented to you when this system reboots.   

If you proceed but do not confirm the password upon reboot, Ubuntu will still be
able to boot on your system but any hardware that requires third-party drivers to
work correctly may not be usable.    

$ reboot

Enroll MOK

$ lsmod | grep vb
vboxpci                24576  0
vboxnetadp             28672  0
vboxnetflt             28672  0
vboxdrv               487424  3 vboxpci,vboxnetadp,vboxnetflt


$ dpkg -l | grep virtualbox
ii  virtualbox-6.0  6.0.12-133076~Ubuntu~bionic  amd64  Oracle VM VirtualBox

$ sudo vi /etc/apt/sources.list
deb https://download.virtualbox.org/virtualbox/debian bionic contrib

Host: Linux, VM: FreeBSD

VirtualBox vboxnet0-Adapter hinzuf├╝gen