[Snort-users] Clarification of understandings.
twr at ...163...
Fri Aug 9 14:14:02 EDT 2002
Please bear with me .... I am so very new to the software programs involved. I have downloaded and read the installation documentation for all the software packages involved but the installation topology eludes me. I have asked a similar question before on the list but I guess I didn't make the question very explicit. I want to install the five primary packages, (Apache, MySQL, Webmin, ACID and Snort), and the ACID dependencies, (PHP, ADOBD, PHPLOT).
To my understanding, so far, one can install all the packages in one box to monitor an external, DMZ and internal interface via hubs placed at the points where snort can see all the packets going/coming from the particular interface. Is this right so far? If not, I'm limited as to how many boxes (2) I can use in order to install all the packages....so in this case, what combination of packages do I have to install on each one of the boxes in order to have this IDS topology working properly. The documentation I have read are very well put together but they are missing this one key element.
If their is documentation that one can point me (or that I missed somewhere) to that will give me some guidance towards this goal, it would be appreciated. Or, if someone has had a similar experience and has successfully deployed such a topology and can give me some pointers this also would be extremely helpful.
Your input/insights will be gratefully appreciated.
Tim -- Mia/Fla
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users