[Snort-users] Installing Snort Recommendations

Jan Muenther jan at ...206...
Fri Jan 12 15:50:21 EST 2001


Hi,

> I am new to snort, so I need some info on what platform to install it on for my site.  My manager has suggested that I set it up on a PC with either Linux or Solaris x86. We run Sun Solaris 2.6 on all our boxes here.

Well, I like the BSDs out there, and they make an _excellent_
snort platform. I really have to say that especially FreeBSD has
a great network and IO performance - OpenBSD's very useful, too,
but I'd rather suggest it for security critical missions in which
the host has direct contact to the outside world. FreeBSD is,
IMHO, a little easier to handle and has more ported applications
etc. Then again, it's not 'secure by default', but you don't want
your IDS host to have an external IP address anyway ;o))
 
> Also, how do you run snort (the syntax) as an Intrusion Detection System?

What do you mean? Ruleset or command line syntax??? 
Ruleset's basically whitehat's, else:
snort -o -d -D -i xl1 -c snort-ruleset

...not exactly tricky.

Bye, Jan

-- 
Radio HUNDERT,6 Medien GmbH Berlin
- EDV -
j.muenther at ...206...




More information about the Snort-users mailing list