Re: Hex LiveCD in 2011
33 views
Skip to first unread message
CS Lee
Jan 6, 2011, 3:23:13 AM1/6/11
to Gerard van Essen, hex-l...@googlegroups.com
Good day Gerard,
Thank you for your email, and I wish you the same as well for year 2011 and many more ;)
We don't have clear roadmap for what we are going to do with HeX in 2011, however the HeX 3.2 beta version will be released once we go through the testing phase, actually we have the HeX that is based on FreeBSD 8.2 in our close development, and we will release the beta after we have tested ourselves.
Though we don't have any roadmap specifically for this year, we do have todo
- Split development - HeX will have 3 versions - Workstation, Sensor, Server(We really hope to get this done for a while but all the members are busy with own works). Right now we have HeX workstation only that's available for security analyst to do packet post processing.
- Remain bsd spirit, while we use HeX for many situation, especially for our security consulting works, it will remain free and open.
- Improve the installer, not many actually know we have the easiest installer even before pc-bsd having one, we have modified version of bsd installer to get HeX installed to your laptop or vm, and many don't know about it.
- Largest packet processing and analysis tools in HeX workstation, you can compare ours with the rest of liveCD and you will definitely find we have almost all packet analysis tools in HeX, and all of them are categorized professionally
- NSM Console improvement - you may have never heard of NSM Console, we actually have NSM Console that glue all the packet analysis tools together, it's very modular and flexible where you can include any tools by writing the simple module. It's like metasploit for packet analysis. NSM Console is written in ruby. We will ask for feedback and also suggestion to improve the tool.
- HeX USB Stick - We actually have this in house, and we will release it soon, the reason we don't release previously because FreeBSD has a lot of hard time when trying to boot from USB device until the USB stack has improved lately.
- Include more tools, if you know any packet analysis tools that want to be included into HeX, let us know.
- So for HeX Server and Sensor, I would like to explain a bit, for the server it will be a central server to collect all the network data from the sensor
- For the HeX Sensor they will have tools like snort, bro, argus and many others, they will collect the network data and send to the HeX Server, then we can use HeX workstation to login to HeX Server and do the analysis.
- HeX will also take advantage from the FreeBSD network stack development, for example in 8.2 BPF zero copy i implemented, and people may not heard about freebsd ringmap, so we may include ringmap implementation for our HeX Sensor, it's currently in the testing and can be used with freebsd stable. Thanks to Alexandar for his work on that.
Again I would like to emphasize that with HeX normally you get almost full scale packet analysis platform, e.g, if you want to do ids/ips you can use snort/bro, if you want to do netflow analysis you can use argus/silktools/nfdump/fprobe/etc, and if you want to do statistical analysis you can use ourmon/tcpdstat/darkstat, if you want to do packet visualizatoin, you can use afterglow, etherape and so forth.
There's almost limitation when comes to packet processing, if you know how to use scripting then you can leverage HeX for greater things ;)
I would like to tell more about HeX, you can actuallly visit us at freenode irc - rawpacket channel
All the development members are from rawpacket, personally I would like to thank to them very much -
Kevin Foo(chfl4gs_)
Chris Lee from gatech
Matthew Lee Hinman(Main NSM Console developer)
Meling Mudin
Many other community members that have given useful feedback and testing ;)
--
Best Regards,
CS Lee<geek00L[at]gmail.com>
http://geek00l.blogspot.com
http://defcraft.net
Thank you for your email, and I wish you the same as well for year 2011 and many more ;)
We don't have clear roadmap for what we are going to do with HeX in 2011, however the HeX 3.2 beta version will be released once we go through the testing phase, actually we have the HeX that is based on FreeBSD 8.2 in our close development, and we will release the beta after we have tested ourselves.
Though we don't have any roadmap specifically for this year, we do have todo
- Split development - HeX will have 3 versions - Workstation, Sensor, Server(We really hope to get this done for a while but all the members are busy with own works). Right now we have HeX workstation only that's available for security analyst to do packet post processing.
- Remain bsd spirit, while we use HeX for many situation, especially for our security consulting works, it will remain free and open.
- Improve the installer, not many actually know we have the easiest installer even before pc-bsd having one, we have modified version of bsd installer to get HeX installed to your laptop or vm, and many don't know about it.
- Largest packet processing and analysis tools in HeX workstation, you can compare ours with the rest of liveCD and you will definitely find we have almost all packet analysis tools in HeX, and all of them are categorized professionally
- NSM Console improvement - you may have never heard of NSM Console, we actually have NSM Console that glue all the packet analysis tools together, it's very modular and flexible where you can include any tools by writing the simple module. It's like metasploit for packet analysis. NSM Console is written in ruby. We will ask for feedback and also suggestion to improve the tool.
- HeX USB Stick - We actually have this in house, and we will release it soon, the reason we don't release previously because FreeBSD has a lot of hard time when trying to boot from USB device until the USB stack has improved lately.
- Include more tools, if you know any packet analysis tools that want to be included into HeX, let us know.
- So for HeX Server and Sensor, I would like to explain a bit, for the server it will be a central server to collect all the network data from the sensor
- For the HeX Sensor they will have tools like snort, bro, argus and many others, they will collect the network data and send to the HeX Server, then we can use HeX workstation to login to HeX Server and do the analysis.
- HeX will also take advantage from the FreeBSD network stack development, for example in 8.2 BPF zero copy i implemented, and people may not heard about freebsd ringmap, so we may include ringmap implementation for our HeX Sensor, it's currently in the testing and can be used with freebsd stable. Thanks to Alexandar for his work on that.
Again I would like to emphasize that with HeX normally you get almost full scale packet analysis platform, e.g, if you want to do ids/ips you can use snort/bro, if you want to do netflow analysis you can use argus/silktools/nfdump/fprobe/etc, and if you want to do statistical analysis you can use ourmon/tcpdstat/darkstat, if you want to do packet visualizatoin, you can use afterglow, etherape and so forth.
There's almost limitation when comes to packet processing, if you know how to use scripting then you can leverage HeX for greater things ;)
I would like to tell more about HeX, you can actuallly visit us at freenode irc - rawpacket channel
All the development members are from rawpacket, personally I would like to thank to them very much -
Kevin Foo(chfl4gs_)
Chris Lee from gatech
Matthew Lee Hinman(Main NSM Console developer)
Meling Mudin
Many other community members that have given useful feedback and testing ;)
On Tue, Jan 4, 2011 at 3:55 AM, Gerard van Essen <gvan...@gmail.com> wrote:
Good day,I wish you (and your families) a prosperous and Happy 2011. Hope you guys are well and hopefully we'll see some new updates for Hex LiveCD this year.I'm planning to do a little series of FreeBSD based operating systems on freebsdnews.net: a bit of background, history and the plans for 2011 etc.
Would you mind and share your plans and roadmap for 2011 (if any)? Hopefully we can generate some excitement and a looking forward to releases this year.Many thanks in advanceGerard
--
Best Regards,
CS Lee<geek00L[at]gmail.com>
http://geek00l.blogspot.com
http://defcraft.net
Richard Bejtlich
Jan 10, 2011, 8:19:51 PM1/10/11
to hex-l...@googlegroups.com
On Thu, Jan 6, 2011 at 3:23 AM, CS Lee <gee...@gmail.com> wrote:
> Good day Gerard,
>
> Thank you for your email, and I wish you the same as well for year 2011 and
> many more ;)
>
> We don't have clear roadmap for what we are going to do with HeX in 2011,
> however the HeX 3.2 beta version will be released once we go through the
> testing phase, actually we have the HeX that is based on FreeBSD 8.2 in our
> close development, and we will release the beta after we have tested
> ourselves.
>
> Though we don't have any roadmap specifically for this year, we do have todo
>
> Good day Gerard,
>
> Thank you for your email, and I wish you the same as well for year 2011 and
> many more ;)
>
> We don't have clear roadmap for what we are going to do with HeX in 2011,
> however the HeX 3.2 beta version will be released once we go through the
> testing phase, actually we have the HeX that is based on FreeBSD 8.2 in our
> close development, and we will release the beta after we have tested
> ourselves.
>
> Though we don't have any roadmap specifically for this year, we do have todo
>
Hi CS and HeX team,
This is great news! I look forward to the next version.
Sincerely,
Richard
Reply all
Reply to author
Forward
0 new messages