[Snort-users] PHP4 advisory... ACID?

Steve Halligan agent33 at ...187...
Tue Jan 23 10:16:49 EST 2001



> Quoting Jason Boyer (jason at ...418...):
> > > > Personally I wouldnt run acid on any public facing 
> interface, best to keep connections for a second interface 
> onto a private switch with restricted internal acces.
> > >
> > > A bit harsh - simply telling Apache to password-protect 
> the ACID directory
> > > and only run it over HTTPS should take care of most problems....
> > 
> > I would agree with password+ssl as the above solution is a 
> little extremely paranoid.
> a little paranoia never hurt anyone.
> 
> besides by having an unnumbered interface on the public side 
> it would make it difficult (esoteric for most script kiddies) 
> to enumerate ids systems on the net
> work, this is not a method of simple security through 
> obscurity, just a way of limiting my ids boxes from being 
> direct targets for DoS attacks and the like,
>  after all detecting such events is one of the reasons why I 
> put them in the first place.

Who says that your acid box is the same as your snort box?  Your snort box
can still be ivisible to the outside world at the same time your acid box
has a outward facing interface.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20010123/ce73c8f9/attachment.html>


More information about the Snort-users mailing list