Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ideal setup

From: Robert Cole <robert () support4linux com>
Date: Wed, 7 Aug 2002 13:48:42 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ok lets go for a not so dream setup. How about snort running on the firewall 
machine and sending its logs to a syslog server. That a decent setup if the 
syslog server is heavily protected as well?

Thanks,
Robert

On Wednesday 07 August 2002 11:12 am, quentyn () fotango com wrote:

Robert Cole wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Whats the ideal setup for snort? I'm just now getting into it and reading
up on it and it looks like a good way to go is put snort on the firewall
machine and have it log to a syslog server. Correct?

Robert


an ideal set-up would be to have hardware ether taps running to
dedicated sensors. They feed into db servers ( what ever your poison)
all running on a separate network not connected to any other network.
Alerts are via festival ( the voice sysnthsis prog) and SMS (so are one
way only)

this is my dream set-up but is not practical in may situations ( though
it is virtually uncomprimiseable)

Q

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9UYewOWbzte5wVEURAiK4AJ4n5qDOUu/oDmXjYPN0vfmc+XQ9VwCeNe9K
3C0SJYmCwwvQaIh79f9zm6g=
=t0bx
-----END PGP SIGNATURE-----



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: