System hardening

["John Creegan" <jcreegan () questarweb com>]

I've got the basic snort and reporting systems up and running (snort,
ACID, MySQL) and I'm ready to turn my attention to protecting/hardening
my system (Solaris 8 on SPARC) before I do any more with snort
(barnyard, oinkmaster, etc.)

I'm looking at a tool (yassp) for going beyond the system hardening
described in the docs.  I can't find any mention of it (so far) in the
archives, FAQ or the recommended three books.  Yassp seems a bit old. 
It may work well for Solaris 8, but it appears there's been no recent
support for it.

Does anyone think it's worth hardening a system so much?  I've already
got tripwire running but that, to me, is a reactive approach.  I'd
rather prevent someone from changing my system files than to know they
already did it.

I'm aware that unless I proceed carefully I can make the system useless
for its intended purpose, running snort.


This message (including any attachments) contains confidential 
information intended for a specific individual and purpose, 
and is protected by law.  If you are not the intended recipient,
you should delete this message and are hereby notified that any 
disclosure,copying, or distribution of this message, or the taking 
of any action based on it, is strictly prohibited.



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users