Snort mailing list archives
Re: firewalling snort machine
From: Erek Adams <erek () theadamsfamily net>
Date: Thu, 21 Feb 2002 14:14:11 -0800 (PST)
On Thu, 21 Feb 2002, Basil Saragoza wrote:
Maybe I miss something here, but: 1.I want to be able to that machine over the internet to connect via https.
Ummm... This is a 'Bad Thing(tm)'. If you do something like that, you're exposing your sensor to the public. Consider this: You don't expose _yourself_ to just anyone! :) Having a visable sensor on the 'net is just begging to have problems. One good syn flood and your sensor is useless. You can't connect and it can't see anything. Your best bet is to put 2 nics in the machine, make nic0 IPless with a R/O cable, then make nic1 connect to the internal admin lan. Then connect thru your firewall to the admin net, and then to the snort box for admininstration--if it has to be done from the 'net.
2. Why can't I just firewall it and leave only 443 open?
See #1. :) Again, these are only ideas and opinions. They are not written in stone.... ----- Erek Adams Nifty-Type-Guy TheAdamsFamily.Net _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- firewalling snort machine Basil Saragoza (Feb 21)
- Re: firewalling snort machine Erek Adams (Feb 21)
- Re: firewalling snort machine Basil Saragoza (Feb 21)
- Re: firewalling snort machine Erek Adams (Feb 21)
- Re: firewalling snort machine dr . kaos (Feb 22)
- Re: firewalling snort machine Basil Saragoza (Feb 21)
- <Possible follow-ups>
- RE: firewalling snort machine Sean T. Ballard (Feb 21)
- Re: firewalling snort machine Basil Saragoza (Feb 21)
- Re: firewalling snort machine Saad Kadhi (Feb 21)
- Re: firewalling snort machine Basil Saragoza (Feb 21)
- RE: firewalling snort machine McCammon, Keith (Feb 21)
- RE: firewalling snort machine Semerjian, Ohanes (Feb 21)
- RE: firewalling snort machine Salisko, Rick (Feb 22)
- RE: firewalling snort machine Erek Adams (Feb 22)
- Re: firewalling snort machine Basil Saragoza (Feb 22)
- Re: firewalling snort machine Erek Adams (Feb 22)
- RE: firewalling snort machine Erek Adams (Feb 22)
- Re: firewalling snort machine Erek Adams (Feb 21)