[Snort-users] IDS Placement ideas for inside and outside a firewall.

Brei, Matt mbrei at ...8727...
Wed Apr 2 13:14:07 EST 2003


That's what I was thinking.  I just wanted to make sure.

 

-----Original Message-----
From: Drew Stockman [mailto:Drew.Stockman at ...8272...] 
Sent: Wednesday, April 02, 2003 3:50 PM
To: Brei, Matt; snort-users at lists.sourceforge.net
Subject: RE: [Snort-users] IDS Placement ideas for inside and outside a
firewall.

 

We have a "dirty" hub in between the routers and firewalls.  Lets us
have the IDS and if we ever need to sniff traffic for troubleshooting
purposes just plug into the hub.

 

Drew Stockman 
Security Analyst 
CIBMIS 

	-----Original Message-----
	From: Brei, Matt [mailto:mbrei at ...8727...]
	Sent: Wednesday, April 02, 2003 1:43 PM
	To: snort-users at lists.sourceforge.net
	Subject: [Snort-users] IDS Placement ideas for inside and
outside a firewall.

	Hi everyone.  I am trying to convince my company to implement
IDS on our network but I have a few questions.  I know I would want one
on both sides of the firewall, but on a switched network, how would I
force traffic to go through Snort before it reached its destination?
Also, the way its set up now, the Cisco 1751 router goes right into the
Cisco PIX 501 firewall and from there into a switch.  How would I place
an IDS between the firewall and switch?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20030402/5919cb2f/attachment.html>


More information about the Snort-users mailing list