Security Basics mailing list archives
Fwd: Is snort an overkill for desktop only environment ?
From: martin <martiniscool () gmail com>
Date: Sat, 24 Oct 2009 19:53:37 +0100
anybody have any thoughts at all ? ---------- Forwarded message ---------- From: martin <martiniscool () gmail com> Date: 2009/10/22 Subject: Is snort an overkill for desktop only environment ? To: security-basics () securityfocus com Hi all I've been reading up on IDP recently, and particularly started looking at snort. I'm considering suggesting to my boss that we install it at a small branch office I'm based at. However, all that we have at the branch office are a few desktop PC's, a firewall, switch, and a printer. Our DC, file server etc, is at head office and accessed using a VPN. Is it worth installing IDP in simplified environment such as this ? Or is it designed for more "complex" environments which have more resources such as file servers, web servers etc ?? Also, currently we wouldn't have anything in the budget to pay for the $500 rule subscription for one sensor - so all the rules we would be getting would be 30 days old. Is it worth having an IDP with rules that are this old ? Are they still of any value ? I'm thinking back to the conflicker threat last year - I know there was a Snort rule for it, but without the subscription, we wouldn't have gotten it for 30 days. So it would have been pretty much too late in that case. I know that we can write our own rules, but I don't think anybody would have time to do that. So we'd be relying on what rules get downloaded Any feedback would be greatly appreciated thanks in advance M ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Fwd: Is snort an overkill for desktop only environment ? martin (Oct 26)
- RE: Is snort an overkill for desktop only environment ? Jason Hurst (Oct 26)
- Re: Is snort an overkill for desktop only environment ? José Manuel Molina Pascual (Oct 27)
- Re: Is snort an overkill for desktop only environment ? Stephen Mullins (Oct 26)
- Re: Is snort an overkill for desktop only environment ? mojorising (Oct 26)
- Re: Is snort an overkill for desktop only environment ? Kurt Buff (Oct 27)
- <Possible follow-ups>
- Re: Fwd: Is snort an overkill for desktop only environment ? krymson (Oct 26)
- Re: Is snort an overkill for desktop only environment ? Craig S Wright (Oct 27)
- RE: Is snort an overkill for desktop only environment ? Jason Hurst (Oct 26)