RE: firewalling snort machine

["Semerjian, Ohanes" <Semerjian.Ohanes () wcom com au>]

I would rather use two interfaces the one on the Internet and not protected
make it IPless (assign IP address 0.0.0.0) so no connection could made
to/from it. It will still listen to packet and u'll still get alerts.
 
The second interface place on the internal network which is protected by fw,
also use openssh to connect to this interface.
 

Best Regards

Ohanes Semerjian


-----Original Message-----
From: Basil Saragoza [mailto:snortlst () hotmail com]
Sent: Friday, 22 February 2002 2:56
To: snort-users () lists sourceforge net
Subject: [Snort-users] firewalling snort machine


I have a snort machine exposed to the internet (connected to our internet
switch, it monitors traffic coing to the firewall public nic).
Is it safe to install firewall on snort machine and disable ALL incoming
traffic to snort machin from the internet? Will it affect snort
functionality?
(My guess would be it won't cause snort sniffs packets fro the switch and it
is not dependent on internet connectivity, but I just want to make sure that
mu guess is correct)
thx.


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users