Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Snort Setup Suggestions? *NEWBIE QUESTION*

From: Christopher Cook <crcook () oakland edu>
Date: Mon, 12 Aug 2002 19:34:09 -0400
Some other helpful hints:

- You can install Apache if you're opposed to using IIS on a Win box.
- You can also have Snort log to a remote box that is either a syslog server or has SQL with ACID. - As mentioned before, having two network cards, one addressed privately, and one not addressed is also well worth the investment. 

Just some other ways to attack the situation.

Chris Cook
Security and Support Specialist
Office of Information Technology
Oakland University



Charles Hamby wrote:
Im getting readying to helping the sysadmin from my college setup a Snort sensor (Win32), and Id like to get some input&
The network Snorts being installed on is non-firewalled (I know, I know, Ive been arguing with him about this for a year, but to no avail) Win2k domain. Neither of us know enough about Linux to know with a Linux version, so Ive decided on the win32 distro. Theyre using an entirely switched network, so since getting a tap would cost money (which they dont have), were looking at setting up the Snort sensor at the network ingress point. The only problem I have is that doing so will require adding IIS in order to view the logs (can you say security hole?) unless the sysadmin wants to walk down to the comm. Closet several times a day to check the snort logs (doubtful).
Does anyone know of another way around this (as you can tell, Im really new to Snort). Thanks! 

-Charles





-------------------------------------------------------
This sf.net email is sponsored by: Dice - The leading online job board
for high-tech professionals. Search and apply for tech jobs today!
http://seeker.dice.com/seeker.epl?rel_code=31
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: