Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Still Help Needed: i want to make a firewall

From: Matt Kettler <mkettler () evi-inc com>
Date: Wed, 16 Apr 2003 21:33:09 -0400

At 05:28 PM 4/16/2003 -0700, Michael Steele wrote:

Bottom line is to use what you're comfortable with. Snort CAN be installed
securely on either platform (Windows or *nix).
Agreed whole heartedly. Although properly securing a windows box is just as complex a problem as properly securing a unix server, it's not impossible. The only degree to which it is worse is the absolutely horrid history of exploits to IIS (not that Apache is any better).
I certainly would question the wisdom of running snort on a NT box that sits outside your firewall and runs IIS on the external interface. But I'd also question the wisdom of doing the same thing with a Linux box running Apache, bind, ssh, or sendmail on the external interface. Anyone doing either of these setups is just _asking_ to be exploited in the worst possible way.
Although all of this this OS difference banter still doesn't address his original problem, which was needing a firewall. Snort just isn't a replacement for one, no matter what platform you run it on. 




-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: