[Snort-users] Getting more paranoid by the minute. :-/

Shaun T. Erickson ste at ...11690...
Sat Apr 24 18:36:03 EDT 2004

As I mentioned in an earlier post, I've been hired to set up several 
snort servers for a client. It's important that I do it right, or their 
customer's sensitive data will be compromised.

The more I read the Syngress Snort 2.0 book (I'm in chapter 5), the more I 
understand that there are an endless number of attacks out there. I'm 
concerned that my lack of knowledge will let an attacker at the data. I 
can't let that happen.

How can I possibly learn enough, quickly enough, to write all the rules 
to protect my client, when I don't even know all the attacks and 
exploits that are out there?

I understand that snort comes with a standard set of rules, that I can 
update off the net, to stay current. Is this standard set of rules going 
to be enough to protect my client, initially, as I continue to learn snort?

I'm trying to absorb as much as I can, as fast as I can, but they need 
this installed NOW, and I'm just concerned that my ignorance, as I come 
up to speed, not cost them everything.

Advice? Suggestions? Valium? Please.


