[Snort-users] PHP4 advisory... ACID?
dave at ...1192...
Tue Jan 23 05:37:58 EST 2001
-----BEGIN PGP SIGNED MESSAGE-----
Quoting Jason Boyer (jason at ...418...):
> > > Personally I wouldnt run acid on any public facing interface, best to keep connections for a second interface onto a private switch with restricted internal acces.
> > A bit harsh - simply telling Apache to password-protect the ACID directory
> > and only run it over HTTPS should take care of most problems....
> I would agree with password+ssl as the above solution is a little extremely paranoid.
a little paranoia never hurt anyone.
besides by having an unnumbered interface on the public side it would make it difficult (esoteric for most script kiddies) to enumerate ids systems on the net
work, this is not a method of simple security through obscurity, just a way of limiting my ids boxes from being direct targets for DoS attacks and the like,
after all detecting such events is one of the reasons why I put them in the first place.
ssl+password works well too, dont get me wrong, I just enjoy sleeping now and again.
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
Dave Ryan Default Security
http://www.default.org.uk/~dave dave at ...1192...
GnuPG Key: http://www.default.org.uk/~dave/gpgkey.asc
Fingerprint: F418 C882 FF03 82A0 A99A 2720 669C E8C3 44B8 2A0F
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (OpenBSD)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----
More information about the Snort-users