Snort mailing list archives
RE: Snort ports?
From: "Escudero, Peter Louis" <peterlouis.escudero () eds com>
Date: Thu, 31 Mar 2005 19:25:48 -0500
Thanks a lot. You've been very helpful. Peter -----Original Message----- From: Paul Melson [mailto:psmelson () comcast net] Sent: Thursday, March 31, 2005 2:08 PM To: Escudero, Peter Louis; snort-users () lists sourceforge net Subject: RE: [Snort-users] Snort ports? Assuming the MySQL database is on the ACID console, just one line: permit tcp host [sensor address] host [ACID console address] eq 3306 This will allow the sensor to make the connection to MySQL, which is all it needs to do. Of course, if this is an inside/outside scenario, you might consider a different method of deploying your sensor so that the MySQL flow is not traversing an untrusted network. PaulM ________________________________ From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Escudero, Peter Louis Sent: Thursday, March 31, 2005 4:33 PM To: snort-users () lists sourceforge net Subject: [Snort-users] Snort ports? Our sensor needs to send alerts to the ACID console that's behind a Cisco PIX firewall. What ports/services need to be opened? Any info you can provide will be greatly appreciated. Peter ------------------------------------------------------- This SF.net email is sponsored by Demarc: A global provider of Threat Management Solutions. Download our HomeAdmin security software for free today! http://www.demarc.com/info/Sentarus/hamr30 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Snort ports? Escudero, Peter Louis (Mar 31)