Snort mailing list archives
AW: AW: Workstation or Server in RH 7.2?
From: "Poppi, Sandro" <Sandro.Poppi () wacker com>
Date: Wed, 27 Feb 2002 15:28:59 +0100
Ok you do have another point of view than I do. In my world ;) everything installed is a potentially bad thing, even if not activated. Think of a vulnerable service activated and a suid program which you installed but not used but is also vulnerable. Or what if you just forget to deactivate the service accidently? Too much risk in a secure envirnment in my eyes. But as I said: That's my personal opinion. Ciao, Sandro
Ok, granted. But installing all the services is different than saying enable all the services. I routinely install everything then turn it off. I guess I wasn't clear about this but it is the snort list after all! On Wed, 27 Feb 2002, Poppi, Sandro wrote:Choosing the custom option is ok but DON'T install allpackages! As a snortbox is a "security device" you should only install theminimal things neededto run and administer snort, e.g. why should I install X,KDE, Gnome? Don'tneed it. Why installing telnet, r services or nfs, apache,...? Don't needit. Install openssh instead of telnet. And always watch for security updates! Any package installed could open your box for well-knownvulnerabilities.Also streamlining the kernel for performance issues is agood thing (don'tforget to remove gcc afterwards, you don't need it anymore). SandroI would recommend doing a custom install and chosing toinstall allpackages. Stay away from the prebuilt options RedHat offers you unless you don't plan to use the machine much. On Tue, 26 Feb 2002, CGI wrote:What installation you are using for Snort in Red Hat, Workstation or Server and why? Thanks______________________________________________________________________Find, Connect, Date! http://personals.yahoo.ca _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users---------------------------------------------------------------------Demetri Mouratis dmourati () linfactory com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users--------------------------------------------------------------------- Demetri Mouratis dmourati () linfactory com
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- AW: AW: Workstation or Server in RH 7.2? Poppi, Sandro (Feb 27)
- Re: AW: AW: Workstation or Server in RH 7.2? Demetri Mouratis (Feb 27)