[Snort-users] Which rules for specific open ports?

briankd at ...2827... briankd at ...2827...
Sat Jul 5 14:21:07 EDT 2003


I'm setting up an Apache/PHP web server behind my DSL router, and setting
the router to only forward ports 80 and 22 to the server.  I'm concerned
about potential intrusions, but I feel like I've covered a lot of the
potential exposures by using the port-forwarding scenario.

I followed the recipe at
http://www.internetsecurityguru.com/documents/snort_acid_rh9.pdf to set
Snort/PHP/Acid up on this web server.  Is there a way I can determine
which rules & preprocessors are the only ones necessary to protect against
intrusion on those two ports?


-- 
Brian

BrianKD at ...9610...






More information about the Snort-users mailing list