Snort mailing list archives
RE: Securing a Snort machine
From: Elvira_Byrnes () mobileinnovations com au
Date: Thu, 17 Apr 2003 15:36:18 +1000
Thanks a lot for your suggestions. What is the proper way to configure an IPless interface on the RedHat? Is it safe to run Webmin on that box? Thanks a lot. Regards Elvira -----Original Message----- From: Semerjian, Ohanes [mailto:ohanes.semerjian () au mci com] Sent: Thursday, 17 April 2003 3:06 PM To: 'Elvira_Byrnes () mobileinnovations com au'; snort-users () lists sourceforge net Subject: RE: [Snort-users] Securing a Snort machine Best way is to : 1. use IPless interfaces (specially one on Internet ) except the one that will use it to connect to the box ( which is best to be located internally). 2. Use ssh to connect to the box via the internal interface on the LAN. 3. Close all ports (via shutting down ports and stopping scripts that are not need to be run on the box) except for ssh. 4. Scan the box to find out if you do have any ports open other than ssh. Best Regards Ohanes Semerjian Security Engineer, AsiaPac International Security Group (Central Services) WorldCom International Ph:(02) 9434 5636 Mob: 0410 657 249 PGP kEY 75DF 2980 5663 2DC1 12CD E43E 94D6 7A9A 222D 3449 -----Original Message----- From: Elvira_Byrnes () mobileinnovations com au [mailto:Elvira_Byrnes () mobileinnovations com au] Sent: Thursday, 17 April 2003 2:08 PM To: snort-users () lists sourceforge net Subject: [Snort-users] Securing a Snort machine Hi Everybody I have installed Snort and now want to make the machine secure. Snort will be listening on border attacks (outside the network), on the dmz, and inside the lan. What is the best way of doing it on RedHat 8.0 and 9.0? Thanks a lot. Elvira ******************** Confidentiality Statement *************************** This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message, you must not disseminate, copy or take any action in reliance on it. If you have received this message in error, please delete it from your system and notify the sender immediately. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the view of the company. ******************** Confidentiality Statement *************************** This message contains privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message, you must not disseminate, copy or take any action in reliance on it. If you have received this message in error, please delete it from your system and notify the sender immediately. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the view of the company.
Current thread:
- Securing a Snort machine Elvira_Byrnes (Apr 16)
- Re: Securing a Snort machine Patrick S. Harper (Apr 16)
- <Possible follow-ups>
- RE: Securing a Snort machine Elvira_Byrnes (Apr 16)
- Re: Securing a Snort machine Michael Anderson (Apr 17)
- RE: Securing a Snort machine Matt Kettler (Apr 17)
- Re: Securing a Snort machine Saad Kadhi (Apr 18)
- Performance Bottleneck Daniel R. Miessler (Apr 18)
- RE: Securing a Snort machine Elvira_Byrnes (Apr 16)
- RE: Securing a Snort machine Semerjian, Ohanes (Apr 17)
- RE: Securing a Snort machine Semerjian, Ohanes (Apr 17)
- Re: Securing a Snort machine M M (Apr 17)
- RE: Securing a Snort machine Dean Scott (Apr 17)
- RE: Securing a Snort machine Elvira_Byrnes (Apr 22)