[Snort-users] RE: Attack on snort running in Public Zone

Hello,
=20
When running Snort on a Windows 2000 machine one thing you should always =
do is unbind EVERYTHING from the interface that Snort is running on. =
This is the equivalent of running Snort in stealth mode. Snort will =
still be able to view and log the traffic. You will need to either view =
all of the log data locally or use a second interface hopefully on a =
completely VLAN'd subnet to send data to a centralized point or for =
remote viewing of logs with ACID, etc.
=20
Hope that helps,
=20
Geoff Craig
Infrastructure Architect/Engineer
Quilogy - The Art & Science of Business
Atomic Security: Security for the real world


-------------------------------------------------------
This SF. Net email is sponsored by: GoToMyPC
GoToMyPC is the fast, easy and secure way to access your computer from
any Web browser or wireless device. Click here to Try it Free!
https://www.gotomypc.com/tr/OSDN/AW/...=mm/g22lp.tmpl
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/...fo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.p...st=snort-users