Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IDS Topology

From: Demetri Mouratis <dmourati () cm math uiuc edu>
Date: Fri, 10 Jan 2003 10:08:22 -0600 (CST)
On Fri, 10 Jan 2003, Saad Kadhi wrote:

- no steath logging ability

why? an all-component machine doesn't necessarily imply  a  single  NIC.
you can always throw two cards at the task and  use  one  for  detection
while  hooking  the  other  to  a  secure  administration  network.  the
detection/sniffing card would be setup so that it  doesn't  have  an  IP
address.


Sorry, I was referring to more than just sniffing without an IP:

http://www.linuxjournal.com/article.php?sid=6222




Read some of the ACID documentation for more reasons.

in which file(s)?


Again, sorry.  Too lazy last night:

http://www.cert.org/kb/acid/

Specifically:

IV. SECURITY

Eat some carrots, they are good for you.
---------------------------------------------------------------------
Demetri Mouratis
dmourati () linfactory com



-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: