Clarification of understandings.

["Tim" <twr () bellsouth net>]

Please bear with me .... I am so very new to the software programs involved. I have downloaded and read the 
installation documentation for all the software packages involved but the installation topology eludes me. I have asked 
a similar question before on the list but I guess I didn't make the question very explicit. I want to install the five 
primary packages, (Apache, MySQL, Webmin, ACID and Snort), and the ACID dependencies, (PHP, ADOBD, PHPLOT).

To my understanding, so far, one can install all the packages in one box to monitor an external, DMZ and internal 
interface via hubs placed at the points where snort can see all the packets going/coming from the particular interface. 
Is this right so far? If not, I'm limited as to how many boxes (2) I can use in order to install all the packages....so 
in this case, what combination of packages do I have to install on each one of the boxes in order to have this IDS 
topology working properly. The documentation I have read are very well put together but they are missing this one key 
element. 

If their is documentation that one can point me (or that I missed somewhere) to that will give me some guidance towards 
this goal, it would be appreciated. Or, if someone has had a similar experience and has successfully deployed such a 
topology and can give me some pointers this also would be extremely helpful. 

Your input/insights will be gratefully appreciated.


Tim -- Mia/Fla
Student