Features, Tools and Ideas

Jan 28, 2008, 10:28:22 AM
to HeX liveCD
Hi all,

Before we get into the HeX 2.0 active development, we would like to
hear from you!

What kind of features or tools would you like to see in HeX 2.0? We
welcome any fruitful idea to make the next version of HeX better.

I would like to explain again here: the HeX system is mainly developed for
network security analysts to perform packet analysis, and you can
install it and have most of the pcap analysis tools installed + some
other interesting tools and scripts developed by the HeX
developers to assist you in doing your job. It is not intended to be the
ids/ips/firewall but mainly a workstation for analysts.

We have thought of developing a sensor-based system (where you can
run snort sensor, bro-ids, argus probe or ourmon system instantly) but
it is still a rough idea among the developers.

Hopefully everything is going to be great in 2008 !!!!!

Cheers all!

Lee Hinman

Jan 28, 2008, 9:35:08 PM
to HeX-l...@googlegroups.com
The same thing goes for NSM-Console, we want to hear feedback about
what you want to see included, improved or changed!

- Lee


Feb 4, 2008, 10:30:49 PM
to HeX liveCD
I'd love a bootable Sguil/NSM system. While HeX is intended mostly as
an analyst workstation, there are times where I'd like to be able to
start capturing network traffic and alerts as fast as possible.

Keep up the good work!


CS Lee

Feb 5, 2008, 12:05:26 AM
to HeX-l...@googlegroups.com
Hi jolly,

We are looking forward to doing that kind of system separately, but we are out of hand. We will look into that more when we have time; currently the idea about that is in ongoing discussion.

Thanks ;]

CS Lee

Feb 5, 2008, 2:08:09 AM
to Stefan Ford, hex-livecd
Hi Stefan,

I'm not too sure about getting perteva into hex, but geoip definitely shouldn't be a problem.

For the perteva web interface, we can basically add the bookmark for it which should do the trick.


On Feb 4, 2008 3:08 AM, Stefan Ford <stefa...@googlemail.com> wrote:
Hi Lee,

Great work on the Harimau Watchlist.

I have a few suggestions for it.
I did a similar thing on the shell a few years ago
with fewer addresses but with 2 other things instead.

I used GeoIP and output the Whois results as well.
Sometimes it is very useful to get this.

For FreeBSD there exists a package for
GeoIP-1.4.2 Find the country that any IP address or hostname originates
That should maybe be integrated in the new HeX?

Here is your example address.
GeoIP Country Edition: US, United States

If you are interested I can send you a few links
when I am back at home next week.

Another interesting thing which is worth integrating is:
I use it a lot ;-)


Best Regards,

CS Lee <geek00L[at]gmail.com>