[Snort-users] Securing a Snort machine

Elvira_Byrnes at ...8560... Elvira_Byrnes at ...8560...
Wed Apr 16 22:34:02 EDT 2003


Thanks a lot for your suggestions. What is the proper way to configure an
IPless interface on the RedHat? Is it safe to run Webmin on that box?
 
Thanks a lot.
 
Regards
 
Elvira

-----Original Message-----
From: Semerjian, Ohanes [mailto:ohanes.semerjian at ...8907...]
Sent: Thursday, 17 April 2003 3:06 PM
To: 'Elvira_Byrnes at ...8560...';
snort-users at lists.sourceforge.net
Subject: RE: [Snort-users] Securing a Snort machine


Best way is to :
 
1. use IPless interfaces (specially one on Internet ) except the one that
will use it to connect to the box ( which is best to be located internally).
2. Use ssh to connect to the box via the internal interface on the LAN.
3. Close all ports (via shutting down ports and stopping scripts that are
not need to be run on the box) except for ssh.
4. Scan the box to find out if you do have any ports open other than ssh.
 

Best Regards 

Ohanes Semerjian 
Security Engineer, AsiaPac 
International Security Group  (Central Services) 
WorldCom International 

Ph:(02) 9434 5636 
Mob: 0410 657 249 

PGP kEY 
75DF 2980 5663 2DC1 12CD  E43E 94D6 7A9A 222D 3449 

-----Original Message-----
From: Elvira_Byrnes at ...8560...
[mailto:Elvira_Byrnes at ...8560...]
Sent: Thursday, 17 April 2003 2:08 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Securing a Snort machine


Hi Everybody
 
I have installed Snort and now want to make the machine secure. Snort will
be listening on border attacks (outside the network), on the dmz, and inside
the lan.
 
What is the best way of doing it on RedHat 8.0 and 9.0?
 
Thanks a lot.
 
Elvira
 



******************** Confidentiality Statement *************************** 


This message contains privileged and confidential information intended only
for the use of the addressee named above. If you are not the intended
recipient of this message, you must not disseminate, copy or take any action
in reliance on it. If you have received this message in error, please delete
it from your system and notify the sender immediately. Any views expressed
in this message are those of the individual sender, except where the sender
specifically states them to be the view of the company.




******************** Confidentiality Statement *************************** 

This message contains privileged and confidential information intended only
for the use of the addressee named above.  If you are not the intended
recipient of this message, you must not disseminate, copy or take any action
in reliance on it.  If you have received this message in error, please
delete it from your system and notify the sender immediately.  Any views
expressed in this message are those of the individual sender, except where
the sender specifically states them to be the view of the company.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20030416/f811d8b7/attachment.html>


More information about the Snort-users mailing list