Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Using Snort on Amazon AWS VPC

From: Paulo Henrique Castro <phlcastro () gmail com>
Date: Fri, 3 Oct 2014 11:05:41 -0300
Hi guys

I was wondering if any of you could share experiences/best practices about using Snort IDS with VPC.
I have already setup my VPC with 2 subnets (public and private) and created a NAT between them.
On this same NAT server I installed Snort and everything looks working fine.

Every connection to http port (80) must pass through this NAT/Snort server before reach my Apache server on private 
subnet.

Is this the correct way to  do it? I read somewhere that we shouldn't use Snort on the same interface used to publish 
the services (http in this case), but I couldn't find another way to use Snort on VPC...

Thanks in advance for any feedback!

Best regards

Paulo




------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: