[Snort-users] System hardening
Van Oosterom, Peter
Peter.vanoosterom at ...2990...
Fri Sep 5 06:00:13 EDT 2003
Or Titan, which supports most varients of *nix
From: Matthew Thomas [mailto:mthomas at ...9794...]
Sent: Thursday, 4 September 2003 5:19 AM
To: 'John Creegan'; snort-users at lists.sourceforge.net
Subject: RE: [Snort-users] System hardening
You might checkout the Bastille-Linux project, too. Their plan is to add
solaris support in their 2.2 release. I'm not sure how close they are to
that being ready, though.
> -----Original Message-----
> From: snort-users-admin at lists.sourceforge.net
> [mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of
> John Creegan
> Sent: Wednesday, September 03, 2003 7:28 AM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] System hardening
> I've got the basic snort and reporting systems up and running
> (snort, ACID, MySQL) and I'm ready to turn my attention to
> protecting/hardening my system (Solaris 8 on SPARC) before I
> do any more with snort (barnyard, oinkmaster, etc.)
> I'm looking at a tool (yassp) for going beyond the system
> hardening described in the docs. I can't find any mention of
> it (so far) in the archives, FAQ or the recommended three
> books. Yassp seems a bit old.
> It may work well for Solaris 8, but it appears there's been
> no recent support for it.
> Does anyone think it's worth hardening a system so much?
> I've already got tripwire running but that, to me, is a
> reactive approach. I'd rather prevent someone from changing
> my system files than to know they already did it.
> I'm aware that unless I proceed carefully I can make the
> system useless for its intended purpose, running snort.
> This message (including any attachments) contains confidential
> information intended for a specific individual and purpose,
> and is protected by law. If you are not the intended
> recipient, you should delete this message and are hereby
> notified that any
> disclosure,copying, or distribution of this message, or the taking
> of any action based on it, is strictly prohibited.
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
This e-mail is privileged and may contain confidential information intended only for the person(s) named above. If you receive this e-mail
in error, please notify the addressee immediately by telephone or return e-mail. Although the sender endeavours to maintain a computer
virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from
any virus transmitted.
More information about the Snort-users