[Snort-users] Still Help Needed: i want to make a firewall

Mike Mentges mike at ...8840...
Wed Apr 16 19:07:04 EDT 2003


Michael,
        I have to give you props for being able to configure a Windoze
based box for a firewall. I have to say that Microsoft has a "special" way
of coding that just isnt logically right to learn by some people (anyone
who likes to learn on their own and tinker with every aspect of the box).
I have to admit I was an MCP on NT4.0 and I probably could not configure a
machine running windows, as a secure patched firewall device. I however,
can get an OpenBSD box up and running very tight firewall in about 3 hours
as well but, using free tools that save my company and our customers
money. In the many OS's I have toyed with I have found OpenBSD to be the
best documented OS to date. I do not have Windows servers in my
environment therefore I see them as painstaking and cumbersome to
configure as a firewall and feel safe about them..(I do have an ulcer so
no need to aggrivate that) ;-) Windows has its place and it is just a
matter of time till sysadmins start deploying *nix as desktop replacement.
Then Windows might not make it without some serious changes. I am curious
to look at 2003 and see what it will be like that is for sure!!

Mike Mentges


On Wed, 16 Apr 2003, Michael Steele wrote:

> Robert,
>
> Well said. I think a lot of people know my name by now and what company I
> work for and what OS I'm very familiar with by now.
>
> I can take a new box and in three hours have Windows XP loaded with all
> patches and service packs, Snort installed sending; its alerts to MySQL with
> Acid as the console for viewing alerts, and have it locked down just as
> tight as any like UNIX box. This is also with IIS5.
>
> Most of these people that bad mouth Microsoft products simply don't know
> what they are talking about. They simply don't like Windows; either because
> they don't like the box company, or simply don't understand it, or even
> because they have to shell out dollars for it, unlike UNIX, which is usually
> free.
>
> Bottom line is to use what you're comfortable with. Snort CAN be installed
> securely on either platform (Windows or *nix).
>
>  -Michael
>
>  Michael Steele | System Engineer / Support Technician
>  mailto:michaels at ...155...
>  Silicon Defense: IDS solutions - http://www.silicondefense.com
>  Snort: Open Source Network IDS - http://www.snort.org
>
>
> -----Original Message-----
> From: snort-users-admin at lists.sourceforge.net
> [mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Robert Reid
> Sent: Tuesday, April 15, 2003 10:08 PM
> Cc: 'snort-users at lists.sourceforge.net'
> Subject: RE: [Snort-users] Still Help Needed: i want to make a firewall
>
> Nonsense. Windows 2000 and above done right is every bit as secure as any
> *NIX, more so in some cases. The number 1 problem with Windows are the lame
> admins. If the admin is crap the box will be crap, it doesn't matter what OS
> it's running. Why do people rarely take this into consideration?
>
> And yes, I also run Snort on Windows 2000 and have done for the past two
> years. Shudder.
>
> -----Original Message-----
> From: Paul Schmehl [mailto:pauls at ...6838...]
> Sent: Tuesday, April 15, 2003 3:41 PM
> To: Mike Mentges; Junaid
> Cc: snort-users at lists.sourceforge.net
> Subject: Re: [Snort-users] Still Help Needed: i want to make a firewall
>
>
> Maybe so, but you had better know what you're doing with pf or ipfw, or
> you'll be worse off.  The *last* thing I would recommend for a Windows-only
> admin person it to use the BSDs.  Let them cut their teeth on RedHat and
> iptables, and then once they have some grasp of Unix firewalls, you can
> move them gradually to the BSDs.
>
> --On Tuesday, April 15, 2003 02:23:31 PM -0400 Mike Mentges
> <mike at ...8840...> wrote:
>
> > The best way to make a firewall with a win2k machine is to fdisk,
> > format, and install a *BSD or *nix on it ;-P Preferably OpenBSD.
> > Windows is far too insecure to be dependent upon for fire wall.
>
> Paul Schmehl (pauls at ...6838...)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list
>





More information about the Snort-users mailing list