AW: [Snort-users] Workstation or Server in RH 7.2?

spyguy703 spyguy703 at ...131...
Wed Feb 27 12:22:05 EST 2002


Um...Why would you install all of that software anyways?

A snort box needs all the CPU and RAM it can get its hands on. It *should* be 
a single purpose box with snort and ssh installed. If you are installing 
redhat, just select server install, then manually unselect that which you 
will not use.

As a general practice, you should NEVER install all software from a distro. 
The more software, the more vulnerable you *can* be. What is the point of 
installing it if you are turning it off? 

PLEASE PLEASE PLEASE don't tell people to 'install all software'!
This is all we need...(think about IIS and code red and nimda...)


On Wednesday 27 February 2002 06:09 am, Demetri Mouratis wrote:
> Ok, granted.  But installing all the services is different than saying
> enable all the services.  I routinely install everything then turn it off.
> I guess I wasn't clear about this but it is the snort list after all!
>
> On Wed, 27 Feb 2002, Poppi, Sandro wrote:
> > Choosing the custom option is ok but DON'T install all packages! As a
> > snort box is a "security device" you should only install the minimal
> > things needed to run and administer snort, e.g. why should I install X,
> > KDE, Gnome? Don't need it. Why installing telnet, r services or nfs,
> > apache, ...? Don't need it. Install openssh instead of telnet.
> >
> > And always watch for security updates!
> >
> > Any package installed could open your box for well-known vulnerabilities.
> > Also streamlining the kernel for performance issues is a good thing
> > (don't forget to remove gcc afterwards, you don't need it anymore).
> >
> > Sandro
> >
> > > I would recommend doing a custom install and chosing to install all
> > > packages.  Stay away from the prebuilt options RedHat offers
> > > you unless
> > > you don't plan to use the machine much.
> > >
> > >  On Tue, 26 Feb 2002, CGI wrote:
> > > > What installation you are using for Snort in Red Hat,
> > > > Workstation or Server and why?
> > > >
> > > >
> > > > Thanks
> > >
> > > ______________________________________________________________________
> > >
> > > > Find, Connect, Date! http://personals.yahoo.ca
> > > >
> > > > _______________________________________________
> > > > Snort-users mailing list
> > > > Snort-users at lists.sourceforge.net
> > > > Go to this URL to change user options or unsubscribe:
> > > > https://lists.sourceforge.net/lists/listinfo/snort-users
> > > > Snort-users list archive:
> > > > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> > >
> > > ---------------------------------------------------------------------
> > > Demetri Mouratis
> > > dmourati at ...3878...
> > >
> > >
> > > _______________________________________________
> > > Snort-users mailing list
> > > Snort-users at lists.sourceforge.net
> > > Go to this URL to change user options or unsubscribe:
> > > https://lists.sourceforge.net/lists/listinfo/snort-users
> > > Snort-users list archive:
> > > http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> ---------------------------------------------------------------------
> Demetri Mouratis
> dmourati at ...3878...
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com





More information about the Snort-users mailing list