Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Securing a Snort machine

From: Saad Kadhi <saad () docisland org>
Date: Fri, 18 Apr 2003 08:33:50 +0200
On Thu, Apr 17, 2003 at 11:45:25AM -0400, Matt Kettler wrote:

Webmin always carries a small degree of risk, since it is a powerful tool 
and is network accessible. If you do run it, make SURE that it's only bound 
to an "inside" interface and make sure that your firewall will NOT allow 
the internet to talk to the IP of that interface. As long as it's running 
only on an inside interface that's protected by a firewall it should be 
safe, but you are depending on the firewall.

If Webmin uses a static tcp port, make it listen to localhost only. then
use SSH port forwarding to access it remotely  from  the  administration
nic with sth like 'ssh -L localport:host:hostport me@mybox'.  that  way,
your communication with it is secured (I recommend you use SSH2  with  a
DSA key) and encrypted.

-- 
Saad Kadhi -- [saad () docisland org] [saad.kadhi () hapsis fr]
[pgp keyid: 35592A6D http://pgp.mit.edu]
[pgp fingerprint: BF7D D73E 1FCF 4B4F AF63  65EB 34F1 DBBF 3559 2A6D]
---


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: