Re: Snort, BASE, and FRW

[waldo kitty <wkitty42 () windstream net>]

On 9/25/2012 15:37, Shomiron Das Gupta wrote:
> Hi,
>
> Few questions:
> -- What firewalls are these?

what firewalls do you mean???

> -- Do they have preinstalled snort running on them?

you have to tell us more... the crystal balls are in the shop... what are you 
looking at on what systems???

> -- Are these firewalls running on HA?

who knows? you are running what you are... we cannot see this from here...

> These will help us get a correct analysis.

please define "correct analysis"... especially considering inbound rules vs 
outbound rules... than then consider do you want to catch all "bad" (based on 
your rules choices) traffic on only that "bad traffic" that your rules choices 
are covering on your network with known apps running???


------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!