[Snort-users] a couple of questions

DeBerry, Casey Casey.DeBerry at ...9117...
Thu Dec 11 10:17:02 EST 2003


>Hi all,
>i would like to ask a couple of things:
>first of all, I would like to know whether snort can work with TCP wrappers
(compiled with libwrap) because I couldn't find this option in snort >2.0.5
compilation and secondly, how can we protect the TCP 2525 port on a snort
center server?
>Generally if anyone can write which ports should one protect to be safe
enough in the open space-hmm Internet I mean :)

Look into IPtables for locking your servers ports.  IPtables is a simple
firewall that controls access to ports.  If you are running Linux, most
distro's install the bits with the standard installation; or you can get
them here:
http://www.iptables.com
and here's a good intro to IPtables:
http://www.justlinux.com/nhf/Security/IPtables_Basics.html

Whether you are going to put this box on the internet or not, I would
recommend locking it down.  Turn off all unneccessarry services, and make
sure things are patched to start.  I would jump on google and search for
lockdown + "Your OS".

Casey DeBerry






More information about the Snort-users mailing list