[Snort-users] Snort and Firewalls

Jan Muenther jan at ...206...
Mon Oct 16 09:10:42 EDT 2000


> I think it is preferrable to run your IDS on a system that is not
> providing any function to other systems. It is much less likely that
> it will be found and attacked, so you always have a second opinion in
> case something happens.

Absolutely. Plus, if you run it in "stealth" mode (tm), it
doesn't even appear to the outside world, which makes it a
difficult target. You're listening and it doesn't show. 
-- 
Radio HUNDERT,6 Medien GmbH Berlin
- EDV -
j.muenther at ...206...



More information about the Snort-users mailing list