Re: Minimal Redhat 7.3 install

[Demetri Mouratis <dmourati () cm math uiuc edu>]

On Sat, 15 Feb 2003, Baeder, Jason (GXS) wrote:

> I'm considering deploying several Snort sensors.  As the Snort installation
> docs are geared towards sensors, sensors+ACID and ACID consoles, the
> required Redhat installation is rather broad.  I'm wondering what the
> minimal Redhat install would be for a sensor reporting to a remote database.

Not much is needed for the sensor.  As far as a minimum, any working RH
box should be able to be converted to a sensor by installing and
configuring libpcap and snort.  If you want to be really good about it,
don't put gcc on your snort box.  Just compile the binary elsewhere then
upload it.

You'll probably also want sshd installed so you can log into the box on a
service interface.  Turn off all other listeners and you have a stripped
down box ready for snorting.

Send the logs across the net to your database and you are all set.

---------------------------------------------------------------------
Demetri Mouratis
dmourati () linfactory com



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users