Snort mailing list archives
RE: Installing a new SNORT box
From: "Chris Eidem" <jceidem () dexma com>
Date: Thu, 6 Dec 2001 11:23:39 -0600
hear hear. i second that. i was also in your same position and obsd came to my rescue. other great reasons to use it include: * simple install (install bootdisk, ftp packages onto machine, install, reboot) * sane libpcap * port/packages (once you go ports, you don't go back... :) ) * man pages that are a) actually helpful and b) maintained but lookout on the misc@openbsd mailing list. you are expected to have done your homework before asking newbie questions. unlike here, they fry dumb newbies to a cripy, crunchy, golden brown and devour them whole... chris
-----Original Message----- From: Mike Shaw [mailto:mshaw () wwisp com] Sent: Thursday, December 06, 2001 10:14 AM To: Thatcher Rea; 'snort-users () lists sourceforge net' Subject: Re: [Snort-users] Installing a new SNORT box At the risk of starting an OS Jihad, I recommend OpenBSD to someone in your situation for the following reasons: * Secure out of the 'box' * Most if not all features that you need are pre-installed, but disabled by default and easy to start up I was in your exact situation a year or so ago, and tuning down Redhat was just too much of a hassle for the simple applications we needed. This is not to deny how great Linux is, I just think OpenBSD is better for *nix newbies putting boxes in hackable areas. (especially for an ultra-sensitive box like an IDS). I'm running at least 3 Snort locations using OpenBSD and the exact same hardware specs you're using. -Mike At 04:50 PM 12/5/2001 -0600, Thatcher Rea wrote:I have spent some time doing research aboutinstalling a snort boxonto our Windows LAN. Because I'm really a Linux newbie Idon't want to havethe snort box itself hacked into, I'm trying to isolate only those daemons/services that I need to have for SNORT. I havedecided to installedsnort on a PC-clone running RedHat Linux 7.2. I have readseveral articleson Linux-Sec.net, and they have given me some good startingideas, but I'mnot certain of which services SNORT needs to run. Assuming Iwas going tohave an installation of SNORT 1.8.3 that used all the bellsand whistles,what needs to run? Also, what kind of hardware requirementsdo I need forthis machine? I have been given a PentiumII 233mhz machinewith 128mb RAMand a 2GB hard drive to use, but I'm sure if this is enough. I'm sure questions like this have been asked before, so If someonecould point me toa site with appropriate answers rather than re-answeringquestions thatwould be great. Cheers. _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Installing a new SNORT box Thatcher Rea (Dec 05)
- Re: Installing a new SNORT box John Sage (Dec 05)
- Re: Installing a new SNORT box Mike Shaw (Dec 06)
- <Possible follow-ups>
- RE: Installing a new SNORT box Chris Eidem (Dec 06)