[Snort-users] PHP4 advisory... ACID?
wlmarque at ...8...
Tue Jan 23 11:30:22 EST 2001
Not to say that someone might not do this, but I fail to see why anyone in their
right mind would put their IDS management outside of their private network let
alone NOT password protect or at least filter it. Not to mention I've seen very
few (0) web servers with dual NICs. The advisory is a good reminder however
that we can't forget that our IDS management servers (those of us running ACID)
are running web processes that need to be secured.
From: Steve Halligan <agent33 at ...187...> on 01/23/2001 09:53 AM
To: "'Dave Ryan'" <dave at ...1192...>
cc: snort-users at lists.sourceforge.net
Subject: RE: [Snort-users] PHP4 advisory... ACID?
You could do something like this (now for some ascii art :))
unnumbered int numbered int
| | | |
|snort| | acid |
| | | |
| mysql |
Or something like this...
> -----Original Message-----
> From: Dave Ryan [mailto:dave at ...1192...]
> Sent: Tuesday, January 23, 2001 9:08 AM
> To: Steve Halligan
> Cc: 'Dave Ryan'; snort-users at lists.sourceforge.net
> Subject: Re: [Snort-users] PHP4 advisory... ACID?
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> > Who says that your acid box is the same as your snort box?
> Your snort box
> > can still be ivisible to the outside world at the same time
> your acid box
> > has a outward facing interface.
> maybe you mean "internal facing", none the less quite true.
> I guess I was just making the point of keeping snort->db
> traffic and ACID retrieval on a private network. Sorry for
> the confusion.
> - --
> Dave Ryan Default Security
> http://www.default.org.uk/~dave dave at ...1192...
> GnuPG Key: http://www.default.org.uk/~dave/gpgkey.asc
> Fingerprint: F418 C882 FF03 82A0 A99A 2720 669C E8C3 44B8 2A0F
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.4 (OpenBSD)
> Comment: For info see http://www.gnupg.org
> -----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users