RE: Snort ports?

["Escudero, Peter Louis" <peterlouis.escudero () eds com>]

Thanks a lot. You've been very helpful.

Peter

-----Original Message-----
From: Paul Melson [mailto:psmelson () comcast net] 
Sent: Thursday, March 31, 2005 2:08 PM
To: Escudero, Peter Louis; snort-users () lists sourceforge net
Subject: RE: [Snort-users] Snort ports?

Assuming the MySQL database is on the ACID console, just one line:

permit tcp host [sensor address] host [ACID console address] eq 3306 

This will allow the sensor to make the connection to MySQL, which is all
it needs to do.  Of course, if this is an inside/outside scenario, you
might consider a different method of deploying your sensor so that the
MySQL flow is not traversing an untrusted network.

PaulM


________________________________

From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Escudero,
Peter Louis
Sent: Thursday, March 31, 2005 4:33 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Snort ports?


Our sensor needs to send alerts to the ACID console that's behind a
Cisco PIX firewall. What ports/services need to be opened? Any info you
can provide will be greatly appreciated.
 

Peter




-------------------------------------------------------
This SF.net email is sponsored by Demarc:
A global provider of Threat Management Solutions.
Download our HomeAdmin security software for free today!
http://www.demarc.com/info/Sentarus/hamr30
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users