Name | Modified | Size | Downloads / Week |
---|---|---|---|
README.txt | 2009-08-15 | 1.4 kB | |
Xfiltr8-alpha-0.3.iso | 2009-08-02 | 698.9 MB | |
Totals: 2 Items | | 698.9 MB | 0 |

The Xfiltr8 Live CD

August 15th, 2009

http://xfiltr8.sourceforge.net

Eric Conrad, xfiltr8@ericconrad.com

This is the xfiltr8 live CD version 0.4 ALPHA (emphasis on the ALPHA). Goal is to have a solid beta by fall of 2009.

All passwords are set to 'xfiltr8'.

DO NOT ALLOW NETWORK CONNECTIVITY TO THIS OS WITHOUT A FIREWALL UNLESS YOU CHANGE ALL PASSWORDS (including mysql).

The outbound snort rules are currently all enabled. This is clearly suboptimal; the plan is to create a set of 'recommended' rules (low false positives).

Snort uses 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 as HOME_NET. Please edit appropriately for your environment.

The alert front-end is currently BASE; this may change to sguil: http://sguil.sourceforge.net/

The scripts mostly massage proxy logs; these will be updated to handle multiple formats, including pcap files.

xfiltr8 does not have squid installed; it's designed to handle imported logs (or you could install squid via apt-get, etc.).

Volunteers needed! Tasks include:

1. More custom rules (/etc/xfiltr8/xfiltr8-custom.rules)
2. Tuning the existing rules and defining a recommended set
3. Write a script that launches on boot and presents menus to customize the passwords, firewall, snort config, etc.
4. Create an xfiltr8 logo
5. Format the sourceforge site (it's a generic template with little else right now)