[Snort-users] VDQ: Snort basic

Chris Eidem ceidem at ...5503...
Mon Aug 5 11:16:05 EDT 2002


> 	All I know about it is what I've read on novalug in the
> last couple of days. I ran ZoneAlarm under W98 on my other hard
> drive long enough before getting linux to know that merely being an
> inconspicuous user on a home machine doesn't protect from sundry
> intrusion attempts that I don't begin to understand; so now I ought
> to have some sort of defense, but don't know what I can hope to
> handle, or even find straight up about. Is Snort such a thing, or
> am I out of my league as usual?

quick answer: yes -- right now.

think of yourself as a nation that was attacked at the beginning of
world war two.  biplanes, horse-mounted troops, static foot-deep
concrete walled fortresses.  now, look at the end of the war; rockets
that almost reached the top of the atmosphere, jets, atom bombs, they
came a long way in six years...

you've armed yourself with a linux box, so now it's time to put a
firewall on it.  learn, learn fast and learn well.  you are out of your
league -- right now.  this changes quickly.  lots of books, websites and
mailing lists.  and if you're doubly retired, you have time.

go now, build a firewall with an ids on it.  we'll help you, but DO YOUR
HOMEWORK!

google is your friend
search the f(ine) archives (mailing list kind) - STFA
read the f(ine) manual - RTFM
FAQs
books
google is your friend (i repeat myself for emphasis)
then ask

 - chris




More information about the Snort-users mailing list