Snort mailing list archives
RE: AW: Workstation or Server in RH 7.2?
From: "Ace" <ace_wizard () yahoo com>
Date: Wed, 27 Feb 2002 16:56:13 -0700
OKaaay... What if somebodody had a SOHO network with a Linux gateway doing iptables, squid, snort, mysql, apache, samba etc. etc. all on one box? -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net]On Behalf Of spyguy703 Sent: Wednesday, February 27, 2002 1:18 PM To: Demetri Mouratis; Poppi, Sandro Cc: CGI; snort-users () lists sourceforge net Subject: Re: AW: [Snort-users] Workstation or Server in RH 7.2? Um...Why would you install all of that software anyways? A snort box needs all the CPU and RAM it can get its hands on. It *should* be a single purpose box with snort and ssh installed. If you are installing redhat, just select server install, then manually unselect that which you will not use. As a general practice, you should NEVER install all software from a distro. The more software, the more vulnerable you *can* be. What is the point of installing it if you are turning it off? PLEASE PLEASE PLEASE don't tell people to 'install all software'! This is all we need...(think about IIS and code red and nimda...) On Wednesday 27 February 2002 06:09 am, Demetri Mouratis wrote:
Ok, granted. But installing all the services is different than saying enable all the services. I routinely install everything then turn it off. I guess I wasn't clear about this but it is the snort list after all! On Wed, 27 Feb 2002, Poppi, Sandro wrote:Choosing the custom option is ok but DON'T install all packages! As a snort box is a "security device" you should only install the minimal things needed to run and administer snort, e.g. why should I install X, KDE, Gnome? Don't need it. Why installing telnet, r services or nfs, apache, ...? Don't need it. Install openssh instead of telnet. And always watch for security updates! Any package installed could open your box for well-known
vulnerabilities.
Also streamlining the kernel for performance issues is a good thing (don't forget to remove gcc afterwards, you don't need it anymore). SandroI would recommend doing a custom install and chosing to install all packages. Stay away from the prebuilt options RedHat offers you unless you don't plan to use the machine much. On Tue, 26 Feb 2002, CGI wrote:What installation you are using for Snort in Red Hat, Workstation or Server and why? Thanks______________________________________________________________________Find, Connect, Date! http://personals.yahoo.ca _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users--------------------------------------------------------------------- Demetri Mouratis dmourati () linfactory com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users--------------------------------------------------------------------- Demetri Mouratis dmourati () linfactory com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- AW: Workstation or Server in RH 7.2? Poppi, Sandro (Feb 26)
- Re: AW: Workstation or Server in RH 7.2? Demetri Mouratis (Feb 27)
- Re: AW: Workstation or Server in RH 7.2? John Kiehnle (Feb 27)
- Re: AW: Workstation or Server in RH 7.2? Demetri Mouratis (Feb 27)
- Re: AW: Workstation or Server in RH 7.2? John Kiehnle (Feb 27)
- Re: AW: Workstation or Server in RH 7.2? John Kiehnle (Feb 27)
- Re: AW: Workstation or Server in RH 7.2? spyguy703 (Feb 27)
- RE: AW: Workstation or Server in RH 7.2? Ace (Feb 27)
- Re: AW: Workstation or Server in RH 7.2? Demetri Mouratis (Feb 27)