Snort mailing list archives
Re: Securing a Snort machine
From: "M M" <snort_man () hotmail com>
Date: Thu, 17 Apr 2003 14:38:00 +0000
Here are a few steps to get you going: Shutdown all unnecessary services. Make sure the machine is invisible on the network. No IP address. Good passwordsI am not sure how you have it set up but any communications to it should be encrypted (i.e. SSH instead of telnet) Also if Snort reports back to a database make sure those communications are encrypted as well. If this is the case you should also be using two NICs, one for listening (w/ no IP address) and one for reporting.
From: Elvira_Byrnes () mobileinnovations com au To: snort-users () lists sourceforge net Subject: [Snort-users] Securing a Snort machine Date: Thu, 17 Apr 2003 14:07:39 +1000 Hi Everybody I have installed Snort and now want to make the machine secure. Snort willbe listening on border attacks (outside the network), on the dmz, and insidethe lan. What is the best way of doing it on RedHat 8.0 and 9.0? Thanks a lot. Elvira ******************** Confidentiality Statement *************************** This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intendedrecipient of this message, you must not disseminate, copy or take any actionin reliance on it. If you have received this message in error, please delete it from your system and notify the sender immediately. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the view of the company.
_________________________________________________________________MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Securing a Snort machine Elvira_Byrnes (Apr 16)
- Re: Securing a Snort machine Patrick S. Harper (Apr 16)
- <Possible follow-ups>
- RE: Securing a Snort machine Elvira_Byrnes (Apr 16)
- Re: Securing a Snort machine Michael Anderson (Apr 17)
- RE: Securing a Snort machine Matt Kettler (Apr 17)
- Re: Securing a Snort machine Saad Kadhi (Apr 18)
- Performance Bottleneck Daniel R. Miessler (Apr 18)
- RE: Securing a Snort machine Elvira_Byrnes (Apr 16)
- RE: Securing a Snort machine Semerjian, Ohanes (Apr 17)
- RE: Securing a Snort machine Semerjian, Ohanes (Apr 17)
- Re: Securing a Snort machine M M (Apr 17)
- RE: Securing a Snort machine Dean Scott (Apr 17)
- RE: Securing a Snort machine Elvira_Byrnes (Apr 22)