[Snort-users] Attack on snort running in Public Zone
This is a discussion on [Snort-users] Attack on snort running in Public Zone within the Snort forums, part of the System Security and Security Related category; This is a multi-part message in MIME format. ------=_NextPart_000_002F_01C3A7CB.F40565E0 Content-Type: text/plain; charset="iso-8859-1&...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
11-15-2003
|
|||
|
|||
[Snort-users] Attack on snort running in Public Zone
This is a multi-part message in MIME format.
------=_NextPart_000_002F_01C3A7CB.F40565E0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Helllo Everybody. I have snort running on win2k and it is working fine so far.I had placed it in DMZ to monitor the malicious traffic passing through firewall and Now i want to put another snort win2k system in Public zone i.e in between my router and firewall so i can know which traffic is actually hitting the outside interface of my firewall. My concern is : Since my snort system ( win2k ) is gonna be on public IP address , what will happen if somebody runs a Denial of service attack on my snort system itself. How can i be sure that my snort system running on win2k is safe from DOS attack ? Thanks KS ------=_NextPart_000_002F_01C3A7CB.F40565E0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 6.00.2600.0" name=3DGENERATOR></HEAD> <BODY> <DIV><FONT face=3DArial size=3D2><SPAN class=3D558350115-10112003>Helllo = Everybody.</SPAN></FONT></DIV> <DIV><FONT face=3DArial size=3D2><SPAN=20 class=3D558350115-10112003></SPAN></FONT> </DIV> <DIV><FONT face=3DArial size=3D2><SPAN class=3D558350115-10112003>I have = snort running=20 on win2k and it is working fine so far.I had placed it in DMZ to monitor = the=20 malicious traffic passing through firewall and Now i want to put another = snort=20 win2k system in Public zone i.e in between my router and firewall = so i can=20 know which traffic is actually hitting the outside interface of my=20 firewall. </SPAN></FONT></DIV> <DIV><FONT face=3DArial size=3D2><SPAN class=3D558350115-10112003>My = concern is=20 : Since my snort system ( win2k ) is gonna be on public IP = address ,=20 what will happen if somebody runs a Denial of service attack on my = snort=20 system itself. </SPAN></FONT></DIV> <DIV><FONT face=3DArial size=3D2><SPAN class=3D558350115-10112003>How = can i be sure=20 that my snort system running on win2k is safe from DOS attack=20 ?</SPAN></FONT></DIV> <DIV><FONT face=3DArial size=3D2><SPAN=20 class=3D558350115-10112003></SPAN></FONT> </DIV> <DIV><FONT face=3DArial size=3D2><SPAN=20 class=3D558350115-10112003>Thanks</SPAN></FONT></DIV> <DIV><FONT face=3DArial size=3D2><SPAN=20 class=3D558350115-10112003>KS</SPAN></FONT></DIV></BODY></HTML> ------=_NextPart_000_002F_01C3A7CB.F40565E0-- ------------------------------------------------------- This SF. Net email is sponsored by: GoToMyPC GoToMyPC is the fast, easy and secure way to access your computer from any Web browser or wireless device. Click here to Try it Free! https://www.gotomypc.com/tr/OSDN/AW/...=mm/g22lp.tmpl _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
