Snort mailing list archives
RE: Still Help Needed: i want to make a firewall
From: "Michael Steele" <michaels () silicondefense com>
Date: Wed, 16 Apr 2003 20:19:23 -0700
Matt,

Snort is an IDS (Intrusion Detection System), not an IPS (Intrusion Prevention System). It's hard to make some people understand that.

As far as a firewall, there are a bunch of choices out there:

1. Configure an OpenBSD box...
2. Hardware firewall (Cisco, etc...)
3. If they are running Windows XP, XP has a built-in firewall, and IPSec.
4. ISA Server
5. Zone Alarm
6. Black Ice

I'm sure there are a lot more options. It just all depends on how much money they want to spend.

On NT4 Server/2000/XP/2003 Server they can run the IDS in promiscuous mode, and stick it anywhere as long as they are accessing the console from localhost; the IDS is completely transparent. This can also be done on any *nix IDS.

If they need remote access to the Windows desktop, install another NIC, install an SSH server, and then use port forwarding to the remote desktop, or to Terminal Services. As far as I know it only requires one port to be opened.

-Michael

Michael Steele | System Engineer / Support Technician
mailto:michaels () silicondefense com
Silicon Defense: IDS solutions - http://www.silicondefense.com
Snort: Open Source Network IDS - http://www.snort.org

-----Original Message-----
From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Matt Kettler
Sent: Wednesday, April 16, 2003 6:33 PM
To: snort-users () lists sourceforge net
Subject: RE: [Snort-users] Still Help Needed: i want to make a firewall

At 05:28 PM 4/16/2003 -0700, Michael Steele wrote:
Bottom line is to use what you're comfortable with. Snort CAN be installed securely on either platform (Windows or *nix).
Agreed wholeheartedly. Although properly securing a windows box is just as complex a problem as properly securing a unix server, it's not impossible. The only degree to which it is worse is the absolutely horrid history of exploits to IIS (not that Apache is any better).

I certainly would question the wisdom of running snort on a NT box that sits outside your firewall and runs IIS on the external interface. But I'd also question the wisdom of doing the same thing with a Linux box running Apache, bind, ssh, or sendmail on the external interface. Anyone doing either of these setups is just _asking_ to be exploited in the worst possible way.

Although all of this OS difference banter still doesn't address his original problem, which was needing a firewall. Snort just isn't a replacement for one, no matter what platform you run it on.

-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users