[Snort-users] security of acid
richard.lawley at ...1503...
Thu Mar 8 08:43:53 EST 2001
Most of the security would be handled by the web server - eg using .htaccess
files to password protect your acid pages, or restrict by IP address. Any
security holes found in PHP would be fixed promptly anyway, so I don't think
that there are any issues here. Just keep up to date with bug
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Ragnar Beer
Sent: 08 March 2001 12:46
To: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] security of acid
That's certainly the best way to do it. Only in this case I need to
run snort on the protected machine which is connected to the internet
only and is a webserver.
So I wonder what happens to security when I add PHP.
>> I was thinking about using acid with snort but when I went to the
>> website I read that it uses php. I've heard that php has quite a bad
>> security record. Could anybody perhaps comment on that? I wouldn't
>> like to open up a gaping hole, of course.
>even if so, you wouldn't want to give everyone access to your
>IDS's statistics page, do you? I mean, I keep it
>password-protected in my internal switched network ;o))
>Radio HUNDERT,6 Medien GmbH Berlin
>- EDV -
>j.muenther at ...206...
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
More information about the Snort-users