RE: RE: Attack on snort running in Public Zone

["Michael Steele" <michaels () winsnort com>]

Run Snort with no IP on the outside.

Cheers...

-Michael Steele
--
 System Engineer / Security Support Technician    
 mailto:michaels () winsnort com   
 Website: http://www.winsnort.com
 Snort: Open Source Network IDS - http://www.snort.org

  _____  

From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of KS
Sent: Tuesday, November 11, 2003 7:15 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] RE: Attack on snort running in Public Zone

 

Is anyone out there who can help ????????

 

 

-----Original Message-----
From: KS [mailto:kanwaljeet () emind com]
Sent: Monday, November 10, 2003 8:48 PM
To: snort-users () lists sourceforge net
Subject: Attack on snort running in Public Zone

Helllo Everybody.

 

I have snort running on win2k and it is working fine so far.I had placed it
in DMZ to monitor the malicious traffic passing through firewall and Now i
want to put another snort win2k system in Public zone i.e in between my
router and firewall so i can know which traffic is actually hitting the
outside interface of my firewall. 

My concern is :  Since my snort system ( win2k ) is gonna be on public IP
address , what will happen if somebody runs a Denial of service attack on my
snort system itself.  

How can i be sure that my snort system running on win2k is safe from DOS
attack ?

 

Thanks

KS