RE: System hardening

["Van Oosterom, Peter" <Peter.vanoosterom () atosorigin com>]

Or Titan, which supports most varients of *nix

Regards
Peter

-----Original Message-----
From: Matthew Thomas [mailto:mthomas () biocontrolsys com]
Sent: Thursday, 4 September 2003 5:19 AM
To: 'John Creegan'; snort-users () lists sourceforge net
Subject: RE: [Snort-users] System hardening


You might checkout the Bastille-Linux project, too.  Their plan is to add
solaris support in their 2.2 release.  I'm not sure how close they are to
that being ready, though.

Regards,
Matt Thomas

> -----Original Message-----
> From: snort-users-admin () lists sourceforge net 
> [mailto:snort-users-admin () lists sourceforge net] On Behalf Of 
> John Creegan
> Sent: Wednesday, September 03, 2003 7:28 AM
> To: snort-users () lists sourceforge net
> Subject: [Snort-users] System hardening
>
>
> I've got the basic snort and reporting systems up and running 
> (snort, ACID, MySQL) and I'm ready to turn my attention to 
> protecting/hardening my system (Solaris 8 on SPARC) before I 
> do any more with snort (barnyard, oinkmaster, etc.)
>
> I'm looking at a tool (yassp) for going beyond the system 
> hardening described in the docs.  I can't find any mention of 
> it (so far) in the archives, FAQ or the recommended three 
> books.  Yassp seems a bit old. 
> It may work well for Solaris 8, but it appears there's been 
> no recent support for it.
>
> Does anyone think it's worth hardening a system so much?  
> I've already got tripwire running but that, to me, is a 
> reactive approach.  I'd rather prevent someone from changing 
> my system files than to know they already did it.
>
> I'm aware that unless I proceed carefully I can make the 
> system useless for its intended purpose, running snort.
>
>
> This message (including any attachments) contains confidential 
> information intended for a specific individual and purpose, 
> and is protected by law.  If you are not the intended 
> recipient, you should delete this message and are hereby 
> notified that any 
> disclosure,copying, or distribution of this message, or the taking 
> of any action based on it, is strictly prohibited.



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

This e-mail is privileged and may contain confidential information intended only for the person(s) named above. If you 
receive this e-mail
in error, please notify the addressee immediately by telephone or return e-mail. Although the sender endeavours to 
maintain a computer
virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any 
damages resulting from
any virus transmitted.


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users