Snort mailing list archives
Snort Security ? How to ?
From: Always Bishan <bishan4u () yahoo co uk>
Date: Sun, 20 Apr 2003 07:57:00 +0100 (BST)
Hi Snorters, I am installing a RH8 Linux machine in my network which will serve the purpose of a snort sensor and the main snort manager.There will be 3 other snort sensors(all in linux) which will be logging into the snort manager. Now I want this Snort Manager and the 3 sensors to be extremely secure. This can be done by: 1. Installing minimum number of packages on all the boxes. 2. Running Snort as non-root. 3. Logging to the database as non-root. 4. Running Snort in a CHROOT environment. 5. Tight privileges to snort files. Now, for making above possible, I don't have answers to the following questions: 1. What are the dependencies of Snort and what minimum packages do I need to install on the machine whose purpose is only as a snort sensor? 2. How do I run snort as a non-root user ? 3. What permissions like SELECT,INSERT,DELETE do I need to give to snort user for it to work seamlessly with ACID ? 4. How do I run Snort in a Chroot environment ? (Is there any document explaining this) I think if we can answer these, we will have a very secure snort box. Please drop in your valuable comments. Regards, Bishan ===== Celebrating Happiness email: bishan () sumerusolutions com company: www.sumerusolutions.com __________________________________________________ Yahoo! Plus For a better Internet experience http://www.yahoo.co.uk/btoffer ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort Security ? How to ? Always Bishan (Apr 20)
- Re: Snort Security ? How to ? d_greenjr (Apr 20)
- Re: Snort Security ? How to ? {correctios} d_greenjr (Apr 22)
- Re: Snort Security ? How to ? d_greenjr (Apr 20)