[Snort-users] intalling snort

Juan Fernandez Juan.Fernandez at ...2210...
Tue Jul 20 07:20:01 EDT 2004



I want to install 3 snort machines.


One management machine and 2 sensors.


One sensor will be on the dmz and the other in the LAN ( I want to mirror
the default gateway port in the switch and monitor this port ) I want snort
to be active meaning cutting connections as I define so where to put it  ? I
just want to be sure that  if a hackers enters  my lan  so the connection
will be drop.


Second question: which linux dist is the best to install snort on ? is it
metters ?


Thitd: to manage the sensors I will need 2 nics on the sensor in the dmz
right ? ( one Nic connected to the dmz switch e.g sensor and the other nic
connected to the lan switch so I can log to the machine from the internal
lan ). How I configure and secure this machine in a way that a hacker cant
enter the machine from the sensor nic and from there to enter to the lan
from the second nic ?


Thank very much !!!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20040720/3e05d195/attachment.html>

More information about the Snort-users mailing list