Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Snort on Mandrake 9.0

From: "Gonzalez, Albert" <albert.gonzalez () eds com>
Date: Mon, 3 Feb 2003 11:20:54 -0500
Hrm....

I suggest you learn IPtables. So then you can manually create your firewall.
I personally don't run anything I don't understand. Read the documentation
on iptables, and then if you wish to run snort go ahead and read that
documentation. 

Snort can help you identify attacks (successful or not) aimed at your PC. If
you want to help protect your network with an IDS identifing attacks, take a
look at SnortSam[1] or Hogwash[2]. 

I would like to know where you read that snort is vulnerable without a
firewall? 

Cheers!

        Alberto Gonzalez

-----Original Message-----
From: Vaessen, E.M.J. (Ed) [mailto:E.M.J.Vaessen () MDI RWS MINVENW NL]
Sent: Monday, February 03, 2003 10:36 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Snort on Mandrake 9.0


Hello,

I have installed mandrake 9.0 on a single home PC connected to the internet
(ISP xs4all, the Netherlands) by ADSL. At times I may be connected to the
internet for hours.
The security setting (using msec) was set to "high". Furthermore I tried to
set the firewall using the menu Mandrake provides for that but in that
simple menu I could not let the firewall apply to any service (not even
cups) without blocking the contact between my browser (Netscape 7.0) and the
internet. It is not something I understand. As far as I can guess there is
no firewall at all on my system.
Out of curiosity I installed snort and the question is if this is a sensible
thing to do in order to improve the protection of my system. I read
somewhere that snort itself may be vulnerable without a firewall in between.

As you may deduce from this I am a complete newbie in the field of security.

Ed Vaessen

Disclaimer
************************************************************************
Aan dit bericht kunnen geen rechten worden ontleend. 
Dit bericht is uitsluitend bestemd voor de geadresseerde.
Als u dit bericht per abuis hebt ontvangen, wordt u verzocht het te 
vernietigen en de afzender te informeren.
Wij adviseren u om bij twijfel over de juistheid of de volledigheid van 
de mail contact met afzender op te nemen.
************************************************************************




-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: