Snort mailing list archives
Re: AW: AW: Workstation or Server in RH 7.2?
From: Demetri Mouratis <dmourati () cm math uiuc edu>
Date: Wed, 27 Feb 2002 09:20:32 -0600 (CST)
nmap is your friend. On Wed, 27 Feb 2002, Poppi, Sandro wrote:
Ok you do have another point of view than I do. In my world ;) everything installed is a potentially bad thing, even if not activated. Think of a vulnerable service activated and a suid program which you installed but not used but is also vulnerable. Or what if you just forget to deactivate the service accidently? Too much risk in a secure envirnment in my eyes. But as I said: That's my personal opinion. Ciao, SandroOk, granted. But installing all the services is different than saying enable all the services. I routinely install everything then turn it off. I guess I wasn't clear about this but it is the snort list after all! On Wed, 27 Feb 2002, Poppi, Sandro wrote:Choosing the custom option is ok but DON'T install allpackages! As a snortbox is a "security device" you should only install theminimal things neededto run and administer snort, e.g. why should I install X,KDE, Gnome? Don'tneed it. Why installing telnet, r services or nfs, apache,...? Don't needit. Install openssh instead of telnet. And always watch for security updates! Any package installed could open your box for well-knownvulnerabilities.Also streamlining the kernel for performance issues is agood thing (don'tforget to remove gcc afterwards, you don't need it anymore). SandroI would recommend doing a custom install and chosing toinstall allpackages. Stay away from the prebuilt options RedHat offers you unless you don't plan to use the machine much. On Tue, 26 Feb 2002, CGI wrote:What installation you are using for Snort in Red Hat, Workstation or Server and why? Thanks______________________________________________________________________Find, Connect, Date! http://personals.yahoo.ca _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users---------------------------------------------------------------------Demetri Mouratis dmourati () linfactory com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users--------------------------------------------------------------------- Demetri Mouratis dmourati () linfactory com
--------------------------------------------------------------------- Demetri Mouratis dmourati () linfactory com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- AW: AW: Workstation or Server in RH 7.2? Poppi, Sandro (Feb 27)
- Re: AW: AW: Workstation or Server in RH 7.2? Demetri Mouratis (Feb 27)