[Snort-users] Securing a Snort machine
ohanes.semerjian at ...8907...
Thu Apr 17 07:26:15 EDT 2003
Best way is to :
1. use IPless interfaces (specially one on Internet ) except the one that
will use it to connect to the box ( which is best to be located internally).
2. Use ssh to connect to the box via the internal interface on the LAN.
3. Close all ports (via shutting down ports and stopping scripts that are
not need to be run on the box) except for ssh.
4. Scan the box to find out if you do have any ports open other than ssh.
Security Engineer, AsiaPac
International Security Group (Central Services)
Ph:(02) 9434 5636
Mob: 0410 657 249
75DF 2980 5663 2DC1 12CD E43E 94D6 7A9A 222D 3449
From: Elvira_Byrnes at ...8560...
[mailto:Elvira_Byrnes at ...8560...]
Sent: Thursday, 17 April 2003 2:08 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Securing a Snort machine
I have installed Snort and now want to make the machine secure. Snort will
be listening on border attacks (outside the network), on the dmz, and inside
What is the best way of doing it on RedHat 8.0 and 9.0?
Thanks a lot.
******************** Confidentiality Statement ***************************
This message contains privileged and confidential information intended only
for the use of the addressee named above. If you are not the intended
recipient of this message, you must not disseminate, copy or take any action
in reliance on it. If you have received this message in error, please delete
it from your system and notify the sender immediately. Any views expressed
in this message are those of the individual sender, except where the sender
specifically states them to be the view of the company.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users