[Snort-users] Snort 2.3

Ron Jenkins rjenkins at ...12829...
Thu Feb 3 11:58:35 EST 2005


Well put!!

Those that are not keeping current on a professional implementation of
any OS, is asking for problems.  

Especially when concerning with security.


-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of James
Riden
Sent: Thursday, February 03, 2005 1:42 PM
To: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Snort 2.3

SN ORT <snort_on_acid at ...131...> writes:

> Ha! If you don't have time to "patch manually" you don't have time
> to try and "trim down" a distro. The point is you don't need to
> patch and you don't need any newer OS, especially if you're just
> going to "trim it down" anyways. Besides, those OSes you mentioned
> aren't going to trim down very much, what with all that gui and junk
> that comes with it. Many people here probably don't patch their
> Snort boxes at all. I don't. It has ACL'd access per host, I don't
> need to worry about patching every other day and wondering, "Now
> what options did I last compile that with?" !!  "Oh now everything's
> broke!...etc"

AFAIK you can install any of the major modern distro's (Fedora, Red
Hat, Debian) without X and without GUIs. I'm trying to keep up with
100Mbit/s upwards and believe me, a basic 600Mb Fedora Core 3 install
doesn't make that much difference either way.

You can bet I keep all my IDS sensors up to date with patches; that is
SOP for any box that can receive any kind of IP traffic, ACLs or
no. What happens if someone compromises a box that is allowed to send
to that host?

-- 
James Riden / j.riden at ...11179... / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/




-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list