[Snort-users] Snort ports?

Paul Melson psmelson at ...5068...
Thu Mar 31 14:14:50 EST 2005


Assuming the MySQL database is on the ACID console, just one line:

permit tcp host [sensor address] host [ACID console address] eq 3306 

This will allow the sensor to make the connection to MySQL, which is all it
needs to do.  Of course, if this is an inside/outside scenario, you might
consider a different method of deploying your sensor so that the MySQL flow
is not traversing an untrusted network.

PaulM


________________________________

From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Escudero,
Peter Louis
Sent: Thursday, March 31, 2005 4:33 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Snort ports?


Our sensor needs to send alerts to the ACID console that's behind a Cisco
PIX firewall. What ports/services need to be opened? Any info you can
provide will be greatly appreciated.
 

Peter







More information about the Snort-users mailing list