We just released new Trisul packages for the CentOS 6.1 64-bit platform.
Please get the *el6* packages from our download page
Users currently on CentOS 5.x please plan to move to 6.x soon. We may discontinue support for 5.x in a few months.
Author: Vivek Rajagopalan
Vivek Rajagopalan is the a lead developer for Trisul Network Analytics. Prior products were Unsniff Network Analyzer and Unbrowse SNMP. Loves working with packets , very high speed networks, and helping track down the bad guys on the internet.
How to add search to your static site
Trisul’s new website is completely static. We have never been happier to finally move away from Joomla! and WordPress. There is no database, no PHP, no perl, no security upgrades. Just files and nginx. Now I just look at the access logs and laugh at all the sql exploit attempts. But one of the features we lost on the static site was search. I wanted to share how we used Google Custom Search to close that gap.
It is dead simple.
Go to Google Custom Search http://www.google.com/cse/
Click on Create a Custom Search Engine
Give it a name, enter sites you want to cover with the search.
Select Standard Edition. It is free, but will show ads on the search results page. No ads will be shown on the search widget itself.
Complete the process and get the javascript. Integrate the script into your static page.
Here is how it looks ready to accept input
Here is how it looks when the user searches for something on your site. Notice the ads on the top. They dont bother me that much !
Tools for static sites
By the way, we use the following tools for trisul.org
- Site generator – statis
- CSS framework – Twitter Bootstrap
- Web server for development – adsf
- Background textures – Subtle Patterns
- Icons – WPZOOM
- Forms – Google Docs
- Search – Google Custom Search
- Twitter feed – Twitter widget
I found all these tools by lurking on Hacker News.
Trisul 2.2 officially supports Ubuntu 32-bits (security onion)
Trisul 2.2 now officially supports Ubuntu 32-bit builds. It is a result of user requests to make Trisul run on the Security Onion distro.
Here are instructions to get Trisul running on Security Onion.
The following Trisul plugins which were previously only available on 64-bit platforms are now available for 32-bit Ubuntu as well.
- Badfellas – Compare your traffic against public blacklist and flag the baduns
- URLFilter – Your web traffic counted by News/Radio/Pron/Blogs/etc
- Geo – Traffic by country and ASN
How does Trisul fit in with the other tools in the distro
First of all, Security Onion is a complete and capable NSM distro out of the box. Trisul can run alongside all the other tools without disturbing your running configuration. Trisul introduces traffic monitoring and overlaps with some tools in terms of function. Trisul introduces no conflicts, just another choice for you to get to the data.
Lets take a quick look at the overlaps :
- Traffic – No overlap with any tool. Use Trisul to monitor traffic patterns in real time and historical.
- Flows – Overlaps with Argus. Trisul tracks and stores all TCP/UDP flows just like argus and includes ability to pull packets from any flow.
- Real time Alerts – Overlaps with SGUIL. Trisul however has no workflow to escalate events.
- Historical Alerts – Overlaps with Squert.
- Packets – Overlaps with Daemonlogger/Snort. Trisul is a bit more advanced in it lets you specify rules to cut down storage + encrypts on disk caps.
- HTTP URLs – Overlaps with httpry
- DNS names – No overlap
Free
Trisul is completely free to monitor a most recent 3-day window. The model we are following is Splunk’s. Give a highly usable product away for free but leave enough on the plate for us to do this full time. There are no nags or any weird tricks.