[Snort-users] intalling snort
Juan.Fernandez at ...2210...
Tue Jul 20 07:20:01 EDT 2004
I want to install 3 snort machines.
One management machine and 2 sensors.
One sensor will be on the dmz and the other in the LAN ( I want to mirror
the default gateway port in the switch and monitor this port ) I want snort
to be active meaning cutting connections as I define so where to put it ? I
just want to be sure that if a hackers enters my lan so the connection
will be drop.
Second question: which linux dist is the best to install snort on ? is it
Thitd: to manage the sensors I will need 2 nics on the sensor in the dmz
right ? ( one Nic connected to the dmz switch e.g sensor and the other nic
connected to the lan switch so I can log to the machine from the internal
lan ). How I configure and secure this machine in a way that a hacker cant
enter the machine from the sensor nic and from there to enter to the lan
from the second nic ?
Thank very much !!!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users