[Snort-users] security of acid

shawn . moyer shawn at ...1184...
Thu Mar 8 09:25:36 EST 2001


Ragnar Beer wrote:
 
> I was thinking about using acid with snort but when I went to the
> website I read that it uses php. I've heard that php has quite a bad
> security record. Could anybody perhaps comment on that? I wouldn't
> like to open up a gaping hole, of course.

You could run a separate webserver instance with PHP on the same box
over another port, and firewall access to it except from a specific
range of IP's. You can use IPFilter or IPChains on the webserver box to
block access on the port you run ACID from. 

I'd also use https so that you're not sending the http password in the
clear. 



--shawn

-- 

s h a w n   m o y e r
shawn at ...1184...


The universe did not invent justice; man did.
Unfortunately, man must reside in the universe.

					-- Zelazny




More information about the Snort-users mailing list