[Snort-users] Firewalls on IDS

Don Weber Don at ...5881...
Wed Apr 9 14:54:02 EDT 2003


PKFilter by Jean-Baptiste Marchand hit google for the site to d/l it,
I've been using it for a while and it works well, uses basically the
same rules as a packet filter on an *nix box

Don


-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Miller,
Eoin
Sent: Wednesday, April 09, 2003 11:41 AM
To: Tom Culpepper; snort-users at lists.sourceforge.net
Subject: RE: [Snort-users] Firewalls on IDS

from what i can remember you can just use IPSec Policies to do packet
filtering with windows 2000, i used this once so that peoples laptops
who were running the lightweight frontpage webserver wouldnt get any www
worms infecting them.

http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/itsol
utions/network/maintain/security/ipsecld.asp

hope this helps

:)

> -----Original Message-----
> From: Tom Culpepper [mailto:tculpepp at ...8819...]
> Sent: Wednesday, April 09, 2003 2:12 PM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] Firewalls on IDS
> 
> 
> I am currently running 2 NICS in my IDS machine, one for 
> sniffing, one 
> for access.  I need to know if there is any way to install a local 
> firewall on the machine.  I have removed stealthed the port 
> and have a 
> recive only cable on the sniffer NIC.  The other nic is running 
> normally, but needs some restriction to be safe.  I am running all of 
> this on a windows 2k machine.
> 
> -tom
> 
> 
> 
> -------------------------------------------------------
> This SF.net email is sponsored by: Etnus, makers of 
> TotalView, The debugger 
> for complex code. Debugging C/C++ programs can leave you 
> feeling lost and 
> disoriented. TotalView can help you find your way. Available 
> on major UNIX 
> and Linux platforms. Try it free. www.etnus.com
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 


-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The
debugger 
for complex code. Debugging C/C++ programs can leave you feeling lost
and 
disoriented. TotalView can help you find your way. Available on major
UNIX 
and Linux platforms. Try it free. www.etnus.com
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=ort-users





More information about the Snort-users mailing list