Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Snort-Machine = Security Hole?

From: "Robert D. Hughes" <rob () robhughes com>
Date: Fri, 13 Jul 2001 15:27:21 -0500
If it really bothers you, clip the transmit wires. Even if someone manages to
compromise the box, they'll have no way to tell as it won't be able to send
any data to them.

        -----Original Message----- 
        From: Dan Hollis 
        Sent: Thu 7/12/2001 7:36 PM 
        To: Daniel Voyer 
        Cc: Thorsten Ziegler; snort-users () lists sourceforge net 
        Subject: Re: [Snort-users] Snort-Machine = Security Hole?
        
        

        On Thu, 12 Jul 2001, Daniel Voyer wrote:
        > I put a hub or a switch (with span port) between my firewall and my
Internet
        > router. On this hub I place a snort machine with two nic.
        > The first nic is directly connected to the switch with *0.0.0.0* ip
address.
        
        On linux you dont even have to give the nic an ip address.
        
        Just 'ifconfig eth1 up' and snort works. No ip address, no worries.
        
        -Dan
        
        
        _______________________________________________
        Snort-users mailing list
        Snort-users () lists sourceforge net
        Go to this URL to change user options or unsubscribe:
        http://lists.sourceforge.net/lists/listinfo/snort-users
        Snort-users list archive:
        http://www.geocrawler.com/redir-sf.php3?list=snort-users

<<winmail.dat>>

Previous By Date Next
Previous By Thread Next

Current thread: