Snort mailing list archives
RE: Attack on snort running in Public Zone
From: "Michael Steele" <michaels () winsnort com>
Date: Tue, 18 Nov 2003 08:22:05 -0800
Here is a post on the subject: http://www.winsnort.com/index.php?name=PNphpBB2 <http://www.winsnort.com/index.php?name=PNphpBB2&file=viewtopic&t=58> &file=viewtopic&t=58 Cheers... -Michael Steele -- System Engineer / Security Support Technician mailto:michaels () winsnort com Website: http://www.winsnort.com Snort: Open Source Network IDS - http://www.snort.org _____ From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Lucretia Enterprises Administrator Sent: Tuesday, November 18, 2003 7:16 AM To: crtech; snort-users () lists sourceforge net Subject: RE: [Snort-users] Attack on snort running in Public Zone What did you do to stop the services from broadcasting on your connection? -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net]On Behalf Of crtech Sent: Monday, November 17, 2003 3:05 PM To: snort-users () lists sourceforge net Subject: Re: [Snort-users] Attack on snort running in Public Zone I run snort on a Win2k box. I have placed it outside our network so that we may see what is trying to get in. In the future we plan to add one to the inside. (We are just learning right now) When I installed the OS on this box I made sure that I had all the patches and updates. I also tried to look everything down that I could come up with. The final protection was that I did not assign that NIC an IP address. It can not send anything so it is my understanding that it will not be able to be hacked. Lynn ----- Original Message ----- From: KS <mailto:kanwaljeet () emind com> To: snort-users () lists sourceforge net Sent: Monday, November 10, 2003 9:18 AM Subject: [Snort-users] Attack on snort running in Public Zone Helllo Everybody. I have snort running on win2k and it is working fine so far.I had placed it in DMZ to monitor the malicious traffic passing through firewall and Now i want to put another snort win2k system in Public zone i.e in between my router and firewall so i can know which traffic is actually hitting the outside interface of my firewall. My concern is : Since my snort system ( win2k ) is gonna be on public IP address , what will happen if somebody runs a Denial of service attack on my snort system itself. How can i be sure that my snort system running on win2k is safe from DOS attack ? Thanks KS
Current thread:
- Re: RE: Attack on snort running in Public Zone, (continued)
- Re: RE: Attack on snort running in Public Zone Scot Scot (Nov 14)
- RE: RE: Attack on snort running in Public Zone Michael Steele (Nov 14)
- RE: RE: Attack on snort running in Public Zone kanwal (Nov 14)
- RE: RE: Attack on snort running in Public Zone james (Nov 16)
- RE: RE: Attack on snort running in Public Zone james (Nov 16)
- RE: RE: Attack on snort running in Public Zone james (Nov 17)
- RE: RE: Attack on snort running in Public Zone Michael Steele (Nov 14)
- RE: Attack on snort running in Public Zone Lucretia Enterprises Administrator (Nov 18)
- RE: Attack on snort running in Public Zone Michael Steele (Nov 18)
- AG M.D. DeWar (Nov 18)
- Re: AG GDHough (Nov 18)
- Re: Attack on snort running in Public Zone Matt Kettler (Nov 18)
- Message not available
- RE: Attack on snort running in Public Zone Matt Kettler (Nov 18)
- RE: Attack on snort running in Public Zone Lucretia Enterprises Administrator (Nov 18)
- RE: Attack on snort running in Public Zone Matt Kettler (Nov 19)
- RE: Attack on snort running in Public Zone Jason Haar (Nov 18)