[Snort-users] running snort on webserver

Simon Frohn sf at ...1883...
Tue Apr 24 06:32:07 EDT 2001


at the moment I am using ipchains to
block everything except ftp, http and ssh
on a webserver.
Nevertheless I would like getting informend
about break-in attempts, scans and dos-attacks
especially those using the http-service.

Would you recommend putting snort on
the same machine the webserver is running?
I do not have the possibility to set up
a special snort server ...
Or is it safer to rely on ip-firewalling and not
to scan http-traffic?


More information about the Snort-users mailing list