Snort mailing list archives
Re: Securing a Snort machine
From: Saad Kadhi <saad () docisland org>
Date: Fri, 18 Apr 2003 08:33:50 +0200
On Thu, Apr 17, 2003 at 11:45:25AM -0400, Matt Kettler wrote:
Webmin always carries a small degree of risk, since it is a powerful tool and is network accessible. If you do run it, make SURE that it's only bound to an "inside" interface and make sure that your firewall will NOT allow the internet to talk to the IP of that interface. As long as it's running only on an inside interface that's protected by a firewall it should be safe, but you are depending on the firewall.
If Webmin uses a static tcp port, make it listen to localhost only. then use SSH port forwarding to access it remotely from the administration nic with sth like 'ssh -L localport:host:hostport me@mybox'. that way, your communication with it is secured (I recommend you use SSH2 with a DSA key) and encrypted. -- Saad Kadhi -- [saad () docisland org] [saad.kadhi () hapsis fr] [pgp keyid: 35592A6D http://pgp.mit.edu] [pgp fingerprint: BF7D D73E 1FCF 4B4F AF63 65EB 34F1 DBBF 3559 2A6D] --- ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Securing a Snort machine Elvira_Byrnes (Apr 16)
- Re: Securing a Snort machine Patrick S. Harper (Apr 16)
- <Possible follow-ups>
- RE: Securing a Snort machine Elvira_Byrnes (Apr 16)
- Re: Securing a Snort machine Michael Anderson (Apr 17)
- RE: Securing a Snort machine Matt Kettler (Apr 17)
- Re: Securing a Snort machine Saad Kadhi (Apr 18)
- Performance Bottleneck Daniel R. Miessler (Apr 18)
- RE: Securing a Snort machine Elvira_Byrnes (Apr 16)
- RE: Securing a Snort machine Semerjian, Ohanes (Apr 17)
- RE: Securing a Snort machine Semerjian, Ohanes (Apr 17)
- Re: Securing a Snort machine M M (Apr 17)
- RE: Securing a Snort machine Dean Scott (Apr 17)
- RE: Securing a Snort machine Elvira_Byrnes (Apr 22)