[Snort-users] running snort on webserver
sf at ...1883...
Tue Apr 24 06:32:07 EDT 2001
at the moment I am using ipchains to
block everything except ftp, http and ssh
on a webserver.
Nevertheless I would like getting informend
about break-in attempts, scans and dos-attacks
especially those using the http-service.
Would you recommend putting snort on
the same machine the webserver is running?
I do not have the possibility to set up
a special snort server ...
Or is it safer to rely on ip-firewalling and not
to scan http-traffic?
More information about the Snort-users