Snort mailing list archives
RE: Securing a Snort machine
From: Elvira_Byrnes () mobileinnovations com au
Date: Wed, 23 Apr 2003 13:25:14 +1000
Hi Guys Thanks a lot. Will look into it. Elvira -----Original Message----- From: Saad Kadhi [mailto:saad () docisland org] Sent: Friday, 18 April 2003 4:34 PM To: snort-users () lists sourceforge net Subject: Re: [Snort-users] Securing a Snort machine On Thu, Apr 17, 2003 at 11:45:25AM -0400, Matt Kettler wrote:
Webmin always carries a small degree of risk, since it is a powerful tool and is network accessible. If you do run it, make SURE that it's only
bound
to an "inside" interface and make sure that your firewall will NOT allow the internet to talk to the IP of that interface. As long as it's running only on an inside interface that's protected by a firewall it should be safe, but you are depending on the firewall.
If Webmin uses a static tcp port, make it listen to localhost only. then use SSH port forwarding to access it remotely from the administration nic with sth like 'ssh -L localport:host:hostport me@mybox'. that way, your communication with it is secured (I recommend you use SSH2 with a DSA key) and encrypted. -- Saad Kadhi -- [saad () docisland org] [saad.kadhi () hapsis fr] [pgp keyid: 35592A6D http://pgp.mit.edu] [pgp fingerprint: BF7D D73E 1FCF 4B4F AF63 65EB 34F1 DBBF 3559 2A6D] --- ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ******************** Confidentiality Statement *************************** This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message, you must not disseminate, copy or take any action in reliance on it. If you have received this message in error, please delete it from your system and notify the sender immediately. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the view of the company. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Securing a Snort machine, (continued)
- RE: Securing a Snort machine Elvira_Byrnes (Apr 16)
- Re: Securing a Snort machine Michael Anderson (Apr 17)
- RE: Securing a Snort machine Matt Kettler (Apr 17)
- Re: Securing a Snort machine Saad Kadhi (Apr 18)
- Performance Bottleneck Daniel R. Miessler (Apr 18)
- RE: Securing a Snort machine Elvira_Byrnes (Apr 16)
- RE: Securing a Snort machine Elvira_Byrnes (Apr 16)
- RE: Securing a Snort machine Semerjian, Ohanes (Apr 17)
- RE: Securing a Snort machine Semerjian, Ohanes (Apr 17)
- Re: Securing a Snort machine M M (Apr 17)
- RE: Securing a Snort machine Dean Scott (Apr 17)
- RE: Securing a Snort machine Elvira_Byrnes (Apr 22)