Snort mailing list archives

RE: Still Help Needed: i want to make a firewall

From: Rich Adamson <radamson () routers com>
Date: Thu, 17 Apr 2003 07:26:26 -0600

Agreed whole heartedly. Although properly securing a windows box is just as 
complex a problem as properly securing a unix server, it's not impossible. 
The only degree to which it is worse is the absolutely horrid history of 
exploits to IIS (not that Apache is any better).

I certainly would question the wisdom of running snort on a NT box that 
sits outside your firewall and runs IIS on the external interface. But I'd 
also question the wisdom of doing the same thing with a Linux box running 
Apache, bind, ssh, or sendmail on the external interface.


We've worked with corporations in 40+ states as independent network performance
and security consultants. In the past 18 months or so, we've seen many
small to medium size companies discontinue their Linux/BSD systems (replaced
with Win2k boxes) due to staff training and internal support costs; had
nothing to do with capabilities, performance or security. (Personally don't 
care, we run NT, Win2k, multiple Linux versions, Sun, etc.)

Several of these clients have NT and Win2k servers directly on Internet
segments, and after multiple years of exposure, have not been compromised
as yet. On the flip side, one client's hardened BSD box (with current 
patches) was compromised and a root kit installed. Regardless of OS, 
security is still an issue of understanding/knowledge/experience and 
applying it to whatever system that's in use. Any missed steps in the
process can obviously create a problem.

An interesting exercise for those that would like empirical data: count 
the number of security alerts by OS in any reasonably complete database.
Every OS needs about the same level of attention.

Rich




-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Re: {SPAM} Still Help Needed: i want to make a firewall, (continued)
- Re: {SPAM} Still Help Needed: i want to make a firewall Matt Kettler (Apr 15)
- Re: Still Help Needed: i want to make a firewall Patrick S. Harper (Apr 15)
  - Re: Still Help Needed: i want to make a firewall Jason (Apr 15)
- Still Help Needed: i want to make a firewall Junaid (Apr 15)
- RE: Still Help Needed: i want to make a firewall bmcdowell (Apr 15)
- RE: Still Help Needed: i want to make a firewall Robert Reid (Apr 15)
  - RE: Still Help Needed: i want to make a firewall Michael Steele (Apr 16)
    - RE: Still Help Needed: i want to make a firewall Mike Mentges (Apr 16)
    - RE: Still Help Needed: i want to make a firewall Matt Kettler (Apr 16)
    - RE: Still Help Needed: i want to make a firewall Michael Steele (Apr 16)
    - RE: Still Help Needed: i want to make a firewall Rich Adamson (Apr 17)
- RE: Still Help Needed: i want to make a firewall Horta, Benny (Apr 16)
- RE: Still Help Needed: i want to make a firewall Mirko Matytschak (Apr 17)
- RE: Still Help Needed: i want to make a firewall Robert Reid (Apr 17)
- RE: Still Help Needed: i want to make a firewall James Bly (Apr 17)
- RE: Still Help Needed: i want to make a firewall Robert Reid (Apr 17)
  - RE: Still Help Needed: i want to make a firewall Michael Steele (Apr 17)
    - RE: Still Help Needed: i want to make a firewall Paul Schmehl (Apr 17)
    - RE: Still Help Needed: i want to make a firewall Matt Kettler (Apr 17)
- RE: Still Help Needed: i want to make a firewall Donofrio, Lewis (Apr 17)