[Snort-users] Snort on reverse proxy

Chris Green cmg at ...671...
Thu Feb 7 06:44:07 EST 2002


"e-mail lists" <lists at ...4901...> writes:

> Hi,
>

[...]

>
> I have been considering running snort on the reverse proxy to
> further filter requests to the database web server.
> Unfortunately, for the time being, I have no other hardware to
> install snort elsewhere. Apache configured as a reverse proxy is
> the only service on this box. there are no other devices on the
> reverse proxy network.
>
> Can someone advise of the suitability of running snort on the
> reverse proxy to filter requests? 

Snort doesn't filter. Check out http://hogwash.sourceforge.net for
snort-based filtering.

> What is the preferred database and why (the client has postgres
> experience and no mysql experience)

In high traffic situations, none.  Back when I used to play with
snortdb, it was easier to tune mysql than postgres.
-- 
Chris Green <cmg at ...671...>
A good pun is its own reword.




More information about the Snort-users mailing list