Snort mailing list archives
Re: Installing a new SNORT box
From: John Sage <jsage () finchhaven com>
Date: Wed, 05 Dec 2001 22:22:07 -0800
Thatcher:snort in-and-of itself doesn't need any services running (in the sense that "sevices" is usually meant..) to run by itself on a box..
What other services you run depends on what other functionality that box will have..
If it's *really* a firewall some would say that it shouldn't be running any other services at all, if by services you mean httpd, ssh, ftp, mail, dns, etc etc, but just filtering packets and sending them onward into the rest of your network.
How will you administer the firewall? Can you always work right at its keyboard, or will you ever need remote access?
What sort of throughput does your LAN produce?A 233mhz with 128meg can do a lot; but "how big a box do I need" is one of those questions that often gets answered "That depends..."
- John Thatcher Rea wrote:
I have spent some time doing research about installing a snort box onto our Windows LAN. Because I'm really a Linux newbie I don't want to have the snort box itself hacked into, I'm trying to isolate only those daemons/services that I need to have for SNORT. I have decided to installed snort on a PC-clone running RedHat Linux 7.2. I have read several articles on Linux-Sec.net, and they have given me some good starting ideas, but I'm not certain of which services SNORT needs to run. Assuming I was going to have an installation of SNORT 1.8.3 that used all the bells and whistles, what needs to run? Also, what kind of hardware requirements do I need for this machine? I have been given a PentiumII 233mhz machine with 128mb RAM and a 2GB hard drive to use, but I'm sure if this is enough. I'm sure questions like this have been asked before, so If someone could point me to a site with appropriate answers rather than re-answering questions that would be great. Cheers.
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Installing a new SNORT box Thatcher Rea (Dec 05)
- Re: Installing a new SNORT box John Sage (Dec 05)
- Re: Installing a new SNORT box Mike Shaw (Dec 06)
- <Possible follow-ups>
- RE: Installing a new SNORT box Chris Eidem (Dec 06)