[Snort-users] Securing a Snort machine

Saad Kadhi saad at ...4401...
Thu Apr 17 23:34:08 EDT 2003


On Thu, Apr 17, 2003 at 11:45:25AM -0400, Matt Kettler wrote:
> Webmin always carries a small degree of risk, since it is a powerful tool 
> and is network accessible. If you do run it, make SURE that it's only bound 
> to an "inside" interface and make sure that your firewall will NOT allow 
> the internet to talk to the IP of that interface. As long as it's running 
> only on an inside interface that's protected by a firewall it should be 
> safe, but you are depending on the firewall.
If Webmin uses a static tcp port, make it listen to localhost only. then
use SSH port forwarding to access it remotely  from  the  administration
nic with sth like 'ssh -L localport:host:hostport me at ...8923...'.  that  way,
your communication with it is secured (I recommend you use SSH2  with  a
DSA key) and encrypted.

-- 
Saad Kadhi -- [saad at ...4401...] [saad.kadhi at ...7831...]
[pgp keyid: 35592A6D http://pgp.mit.edu]
[pgp fingerprint: BF7D D73E 1FCF 4B4F AF63  65EB 34F1 DBBF 3559 2A6D]
---




More information about the Snort-users mailing list