[Snort-users] Snort Security ? How to ?
bishan4u at ...1396...
Sat Apr 19 23:58:02 EDT 2003
I am installing a RH8 Linux machine in my network
which will serve the purpose of a snort sensor and the
main snort manager.There will be 3 other snort
sensors(all in linux) which will be logging into the
Now I want this Snort Manager and the 3 sensors to be
This can be done by:
1. Installing minimum number of packages on all the
2. Running Snort as non-root.
3. Logging to the database as non-root.
4. Running Snort in a CHROOT environment.
5. Tight privileges to snort files.
Now, for making above possible, I don't have answers
to the following questions:
1. What are the dependencies of Snort and what minimum
packages do I need to install on the machine whose
purpose is only as a snort sensor?
2. How do I run snort as a non-root user ?
3. What permissions like SELECT,INSERT,DELETE do I
need to give to snort user for it to work seamlessly
with ACID ?
4. How do I run Snort in a Chroot environment ? (Is
there any document explaining this)
I think if we can answer these, we will have a very
secure snort box.
Please drop in your valuable comments.
email: bishan at ...8634...
For a better Internet experience
More information about the Snort-users