Re: snort on router - risks?

[Marcus Schopen <lists () localguru de>]

Hi Bennett,

Bennett Todd wrote:

> If performance is not a concern --- and with a DSL link it's
> probably not --- then go ahead with it.

o.k.

> Make sure you run your snort chrooted, as a non-priv uid/gid; and
> keep an eye out for snort updates that fix security bugs.

Someone on the debian-user list wrote, that setting ppp0 interface to 
promiscous mode is not a good idea, but he didn't explain why. Is that 
right?

Saluti,
Marcus

--
Marcus Schopen        (0>
P.O. Box 10 25 25     //\     Deutsche Zope User Group
D-33525 Bielefeld     V_/_                www.dzug.org

        Weird, but life is too short, move on ...



-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users