Snort mailing list archives
RE: Effective Snort Design Methodologies
From: "Ace" <ace_wizard () yahoo com>
Date: Sat, 25 Aug 2001 15:44:06 -0600
Have a look at Bastille Linux: http://www.bastille-linux.org/ -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net]On Behalf Of roger clemens Sent: Saturday, August 25, 2001 3:02 PM To: snort-users () lists sourceforge net Subject: [Snort-users] Effective Snort Design Methodologies All, I have been assigned a project to harden three Linux 7.1 systems to be specifically deployed as IDS sensors running the latest snort. What are the more popular and effective snort design and configuration methodologies for deploying sensors at the following three points: 1. Just outside the public interface of a Check Point Firewall 2. Just outside the DMZ interface of the check Point 3. Just outside the private interface of the check point firewall What are the more reliable, scalable and performance driven solutions for gathering traffic at each point? For example: 1. Should I use taps or span some ports 2. should I use a hub If anyone has some real world topology maps or projects they can share with me I would very much appreciate it. If I am leaving other important points out of the equation please let me know. I am sure there is something. Thank you, Richard __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Effective Snort Design Methodologies roger clemens (Aug 25)
- RE: Effective Snort Design Methodologies Ace (Aug 25)
- <Possible follow-ups>
- RE: Effective Snort Design Methodologies Kohlenberg, Toby (Aug 25)