[Snort-users] Securing a Snort machine

Elvira_Byrnes at ...8560... Elvira_Byrnes at ...8560...
Tue Apr 22 20:23:12 EDT 2003


Hi Guys

Thanks a lot. Will look into it.

Elvira

-----Original Message-----
From: Saad Kadhi [mailto:saad at ...4401...]
Sent: Friday, 18 April 2003 4:34 PM
To: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Securing a Snort machine


On Thu, Apr 17, 2003 at 11:45:25AM -0400, Matt Kettler wrote:
> Webmin always carries a small degree of risk, since it is a powerful tool 
> and is network accessible. If you do run it, make SURE that it's only
bound 
> to an "inside" interface and make sure that your firewall will NOT allow 
> the internet to talk to the IP of that interface. As long as it's running 
> only on an inside interface that's protected by a firewall it should be 
> safe, but you are depending on the firewall.
If Webmin uses a static tcp port, make it listen to localhost only. then
use SSH port forwarding to access it remotely  from  the  administration
nic with sth like 'ssh -L localport:host:hostport me at ...8923...'.  that  way,
your communication with it is secured (I recommend you use SSH2  with  a
DSA key) and encrypted.

-- 
Saad Kadhi -- [saad at ...4401...] [saad.kadhi at ...7831...]
[pgp keyid: 35592A6D http://pgp.mit.edu]
[pgp fingerprint: BF7D D73E 1FCF 4B4F AF63  65EB 34F1 DBBF 3559 2A6D]
---


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


******************** Confidentiality Statement *************************** 

This message contains privileged and confidential information intended only
for the use of the addressee named above.  If you are not the intended
recipient of this message, you must not disseminate, copy or take any action
in reliance on it.  If you have received this message in error, please
delete it from your system and notify the sender immediately.  Any views
expressed in this message are those of the individual sender, except where
the sender specifically states them to be the view of the company.





More information about the Snort-users mailing list