ARIS extractor from securityfocus.com with WEBppliance LS 3.0

2025-03-31

Does anyone know if it is possible to run ARIS extractor from securityfocus.com with WEBppliance LS 3.0? If so, is this the corect process to install it?

"To install this RPM, run :

# rpm --install aris-sensor-1.6-beta.i386.rpm

This will install the included programs in /usr/local/aris-sensor. Next, run the "install.pl" script within the aris-sensor directory to configure ARIS extractor to automatically upload your data."

Does anyone do this to monitor your servers? Is it necisary?

What security configuration would you recomend with WEBppliance LS 3.0?

Follow up

quote:
--------------------------------------------------------------------------------
I would recommend first checking what or if the above rpm has any dependecies. If it doesn't it should install just fine. If it does post here what they are, as it may no work properly with the Ensim Rpms.
--------------------------------------------------------------------------------

Extractor is compiled statically (no dependencies), while Snort has the
following dependencies:

[chaddon@victim extractor]$ ldd /usr/local/aris-sensor/snort
libm.so.6 => /lib/libm.so.6 (0x40019000)
libnsl.so.1 => /lib/libnsl.so.1 (0x40036000)
libc.so.6 => /lib/libc.so.6 (0x4004c000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

I don't imagine you should have any difficulties runnning it with
WEBppliance