[Snort-users] Snort 2.3

SN ORT snort_on_acid at ...131...
Fri Feb 4 04:46:17 EST 2005


I use host-based protections and the fact that the
server is in a private network adds to the mitigation
factor. Patching not necessary. You can't compromise a
box you can't get to, or even ping. And no one is
going to even try that hard on the inside. Now on a
public server, no doubt patching is neccessary. Raise
your hand if your snort box is a public server.

-------------------------------------------------------
Message: 2
To: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Snort 2.3
From: James Riden <j.riden at ...11179...>
Date: Fri, 04 Feb 2005 08:42:27 +1300

SN ORT <snort_on_acid at ...131...> writes:
<snip>
You can bet I keep all my IDS sensors up to date with
patches; that is
SOP for any box that can receive any kind of IP
traffic, ACLs or
no. 


What happens if someone compromises a box that is
allowed to send
to that host?

-- 
James Riden / j.riden at ...11179... / Systems Security
Engineer
Information Technology Services, Massey University,
NZ.
GPG public key available at:
http://www.massey.ac.nz/~jriden/


Message: 3
Subject: RE: [Snort-users] Snort 2.3
Date: Thu, 3 Feb 2005 13:50:58 -0600
From: "Ron Jenkins" <rjenkins at ...12829...>
To: "James Riden" <j.riden at ...11179...>
Cc: "snort-users" <snort-users at lists.sourceforge.net>

<snip>


		
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - Helps protect you from nasty viruses. 
http://promotions.yahoo.com/new_mail




More information about the Snort-users mailing list