[Snort-users] Getting more paranoid by the minute. :-/

Shaun T. Erickson ste at ...11690...
Sat Apr 24 20:10:05 EDT 2004


Paul Schmehl wrote:

> But try to get some perspective.  The clients *don't* have snort now, 
> right?  So all the attacks that you will see in snort are *already* 
> hitting them.  All you're going to do is open their eyes and reduce 
> their risk exposure.

Well, they are a startup. Their customers will be running a web-based 
app that they wrote, which will run on a webserver in their dmz and 
manipulate data in a database on an internal lan.

They want the IDS in place, before they actually install the app on the 
webserver and go live, because they are very concerned that no one be 
able to get to the data in the databases. And they were supposed to go 
live a month ago, so they are getting very antsy (actually, that's a bit 
of an understatement). I joined the team a week ago, and they are 
waiting for me to say everything's installed and that they are 
protected, before going live.

Nothing like a little pressure. :)

	-ste




More information about the Snort-users mailing list