AW: AW: [Snort-users] Workstation or Server in RH 7.2?

Demetri Mouratis dmourati at ...3877...
Wed Feb 27 07:21:06 EST 2002


nmap is your friend.
On Wed, 27 Feb 2002, Poppi, Sandro wrote:

> Ok you do have another point of view than I do. In my world ;) everything
> installed is a potentially bad thing, even if not activated. Think of a
> vulnerable service activated and a suid program which you installed but not
> used but is also vulnerable. Or what if you just forget to deactivate the
> service accidently?
>
> Too much risk in a secure envirnment in my eyes.
>
> But as I said: That's my personal opinion.
>
> Ciao,
> Sandro
> >
> > Ok, granted.  But installing all the services is different than saying
> > enable all the services.  I routinely install everything then
> > turn it off.
> > I guess I wasn't clear about this but it is the snort list after all!
> >
> >
> > On Wed, 27 Feb 2002, Poppi, Sandro wrote:
> >
> > > Choosing the custom option is ok but DON'T install all
> > packages! As a snort
> > > box is a "security device" you should only install the
> > minimal things needed
> > > to run and administer snort, e.g. why should I install X,
> > KDE, Gnome? Don't
> > > need it. Why installing telnet, r services or nfs, apache,
> > ...? Don't need
> > > it. Install openssh instead of telnet.
> > >
> > > And always watch for security updates!
> > >
> > > Any package installed could open your box for well-known
> > vulnerabilities.
> > > Also streamlining the kernel for performance issues is a
> > good thing (don't
> > > forget to remove gcc afterwards, you don't need it anymore).
> > >
> > > Sandro
> > > >
> > > >
> > > > I would recommend doing a custom install and chosing to
> > install all
> > > > packages.  Stay away from the prebuilt options RedHat offers
> > > > you unless
> > > > you don't plan to use the machine much.
> > > >
> > > >  On Tue, 26 Feb 2002, CGI wrote:
> > > >
> > > > > What installation you are using for Snort in Red Hat,
> > > > > Workstation or Server and why?
> > > > >
> > > > >
> > > > > Thanks
> > > > >
> > > > >
> > > > >
> > > >
> > ______________________________________________________________________
> > > > > Find, Connect, Date! http://personals.yahoo.ca
> > > > >
> > > > > _______________________________________________
> > > > > Snort-users mailing list
> > > > > Snort-users at lists.sourceforge.net
> > > > > Go to this URL to change user options or unsubscribe:
> > > > > https://lists.sourceforge.net/lists/listinfo/snort-users
> > > > > Snort-users list archive:
> > > > > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> > > > >
> > > >
> > > >
> > ---------------------------------------------------------------------
> > > > Demetri Mouratis
> > > > dmourati at ...3878...
> > > >
> > > >
> > > > _______________________________________________
> > > > Snort-users mailing list
> > > > Snort-users at lists.sourceforge.net
> > > > Go to this URL to change user options or unsubscribe:
> > > > https://lists.sourceforge.net/lists/listinfo/snort-users
> > > > Snort-users list archive:
> > > > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> > > >
> > >
> >
> > ---------------------------------------------------------------------
> > Demetri Mouratis
> > dmourati at ...3878...
> >
>

---------------------------------------------------------------------
Demetri Mouratis
dmourati at ...3878...





More information about the Snort-users mailing list