Hi, Some months ago used a hardened system incl. prelude+snort etc. Now using a normal system and want to reinstall prelude etc. But there is no documentation about prelude (searched for them more than ones), i only have an old one (around 2004). Now see that the packages are in the tree, not masked, so is there a possibility to include them in the docs again? Eventually the old ones could be used, only amended/edited. Think it'll usefull to have prelude-docs, even more there were such. Thanks. Rumen Reproducible: Always Steps to Reproduce: 1. 2. 3.
Isn't http://www.gentoo.org/proj/en/hardened/prelude-ids.xml what are you looking for? Discovered via http://www.google.com/search?q=prelude+site%3Agentoo.org :-P
Hi, Yes it's, but i don't think you have to use google/search-engine to get an official gentoo document (is it outdated, not-maintained or other cause?). Even more i have a script (which i run occasionally) to fetch the whole docs tarball, see "Documentation Development Tips & Tricks", to get all the docs. Previously this guide was linked from hardened-doc page (IIRC), not now. Just checked. So the solution may be as simple as putting a link to this document in the "Project Specific Documentation" page (or elsewhere if appropriate) or making it history. All the prelude related packages are in portage though. Thanks. Rumen
Well, if the project itself doesn't link to it we don't want to link to it either as it might very well mean that they don't feel that the document is good anymore. Reassigning to hardened team: if the prelude doc is still reference-worthy, can you reference it? TIA :)
The prelude docs were by maintained mboman who is no longer with the gentoo project. While some of it still may apply some things have fundamentally changed. Some time after mboman became a dev the netmon herd was formed and prelude along with other IDS were moved under that herd. We will keep the old prelude doc in place till such time as the netmon herd creates a new one or something. netmon: You might want to use the old .xml doc as a template for creating a new one.
This might help: https://trac.prelude-ids.org/wiki/PreludeHandbook
Created attachment 59842 [details] prelude-ids.xml I had a preliminary look at this document and fixed minor things. Things that need to be done: Write a section on reporting plugins for prelude-manager; We are now using Snort instead of prelude-nids, so instructions need to updated accordingly; Prewikka replaces PIWI;
Hi, Thanks very much, hate to see this docs going away or being outdated. Could give the new version some testing, complemented by PreludeHandbook. Rumen
Hi, Initially installed the old prelude (ver. 0.8.x) which is currently stable and the old docs are actual/precise. Later will try out the new/testing prelude-0.9.x. Thanks. Rumen
Quite frankly, Prelude's Handbook should be enough for version 0.9. Updating this document is mostly a job of plagiarizing it. Prelude's Handbook is in Wiki format, so if anyone has anything to add, please do it there.
