[Snort-users] Securing a Snort machine
saad at ...4401...
Thu Apr 17 23:34:08 EDT 2003
On Thu, Apr 17, 2003 at 11:45:25AM -0400, Matt Kettler wrote:
> Webmin always carries a small degree of risk, since it is a powerful tool
> and is network accessible. If you do run it, make SURE that it's only bound
> to an "inside" interface and make sure that your firewall will NOT allow
> the internet to talk to the IP of that interface. As long as it's running
> only on an inside interface that's protected by a firewall it should be
> safe, but you are depending on the firewall.
If Webmin uses a static tcp port, make it listen to localhost only. then
use SSH port forwarding to access it remotely from the administration
nic with sth like 'ssh -L localport:host:hostport me at ...8923...'. that way,
your communication with it is secured (I recommend you use SSH2 with a
DSA key) and encrypted.
Saad Kadhi -- [saad at ...4401...] [saad.kadhi at ...7831...]
[pgp keyid: 35592A6D http://pgp.mit.edu]
[pgp fingerprint: BF7D D73E 1FCF 4B4F AF63 65EB 34F1 DBBF 3559 2A6D]
More information about the Snort-users