snort - Security

This is a discussion on snort - Security ; Hi! I have a standalone machine with the cable Internet connection. I am running shorewall and I read a little about Snort. It is too paranoid to install snort on the standalone computer? Thanks in advance......

+ Reply to Thread
Results 1 to 6 of 6

Thread: snort

  1. snort

    Hi!

    I have a standalone machine with the cable Internet connection. I am running
    shorewall and I read a little about Snort. It is too paranoid to install
    snort on the standalone computer?

    Thanks in advance...


  2. Re: snort

    ajtiM :
    >
    > I have a standalone machine with the cable Internet connection. I am running
    > shorewall and I read a little about Snort. It is too paranoid to install
    > snort on the standalone computer?


    How can we possibly answer that for you? Do you have reason to be
    paranoid? How paranoid?


    --
    Any technology distinguishable from magic is insufficiently advanced.
    (*) http://www.spots.ab.ca/~keeling Linux Counter #80292
    - - http://www.faqs.org/rfcs/rfc1855.html Please, don't Cc: me.
    Spammers! http://www.spots.ab.ca/~keeling/emails.html

  3. Re: snort

    On 2006-12-09, s. keeling wrote:

    > How can we possibly answer that for you? Do you have reason to be
    > paranoid? How paranoid?


    Could your reply be any more useless? How useless?

    nb

  4. Re: snort

    notbob :
    > On 2006-12-09, s. keeling wrote:
    >
    > > How can we possibly answer that for you? Do you have reason to be
    > > paranoid? How paranoid?

    >
    > Could your reply be any more useless? How useless?


    You call that useless? Asking for information with which to solve a
    problem? Glad you're not working for me.

    Snarky replies; now that's useless.


    --
    Any technology distinguishable from magic is insufficiently advanced.
    (*) http://www.spots.ab.ca/~keeling Linux Counter #80292
    - - http://www.faqs.org/rfcs/rfc1855.html Please, don't Cc: me.
    Spammers! http://www.spots.ab.ca/~keeling/emails.html

  5. Re: snort

    In comp.os.linux.security s. keeling :
    > ajtiM :


    >> I have a standalone machine with the cable Internet connection. I am running
    >> shorewall and I read a little about Snort. It is too paranoid to install
    >> snort on the standalone computer?


    > How can we possibly answer that for you? Do you have reason to be
    > paranoid? How paranoid?


    Indeed, IMHO the general problem with snort and alike stuff is it
    tends to obscure many people more then anything and doesn't help
    an inch if you are missing the required skills to interpret what
    the logs want to tell you.

    In general, applying all distro updates on a regular base,
    keeping services not reachable from the internet should be enough
    to stay clean.

    At least disable direct root logins via ssh, if you think you
    really need to enable outside ssh access, sometimes it might be
    possible to reduce access to a few hosts/networks which would
    help in addition. Extra points for allowing key login only.

    --
    Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
    mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
    #bofh excuse 46: waste water tank overflowed onto computer

  6. Re: snort



    ajtiM wrote:
    >
    > Hi!
    >
    > I have a standalone machine with the cable Internet connection. I am running
    > shorewall and I read a little about Snort. It is too paranoid to install
    > snort on the standalone computer?
    >
    > Thanks in advance...


    Do you have a router? Shorewall can be used with a hardware firewall (router).

+ Reply to Thread