RE: [Snort-users] IDS and Firewall
This is a discussion on RE: [Snort-users] IDS and Firewall within the Snort forums, part of the System Security and Security Related category; In general, you want to separate the functions firewall and the IDS. One of the primary uses for an IDS ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-28-2004
|
|||
|
|||
RE: [Snort-users] IDS and Firewall
In general, you want to separate the functions firewall and the IDS.
One of the primary uses for an IDS is to verify that the FW is doing its job. That is, if the FW is compromised, the IDS should be able to alert you. (you may choose to run a separate instance of snort *on* the FW for other reasons, but that should not be your primary IDS) Jim > -----Original Message----- > From: snort-users-admin@lists.sourceforge.net > [mailto:snort-users-admin@lists.sourceforge.net]On Behalf Of > Kernel The > Canine > Sent: Wednesday, April 28, 2004 3:34 AM > To: snort-users@lists.sourceforge.net > Subject: [Snort-users] IDS and Firewall > > > Hello > > I'm running shorewall.net as my firewall, on RedHat > linux box version 9.0 > > Is it recommended to run on it snort (on the same box) > or should I run it on another computer > > Waiting for replies > > Kind Regards > Kernel The Canine > > > > > __________________________________ > Do you Yahoo!? > Win a $20,000 Career Makeover at Yahoo! HotJobs > http://hotjobs.sweepstakes.yahoo.com/careermakeover > > > ------------------------------------------------------- > This SF.Net email is sponsored by: Oracle 10g > Get certified on the hottest thing ever to hit the market... > Oracle 10g. > Take an Oracle 10g class now, and we'll give you the exam FREE. > http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click > _______________________________________________ > Snort-users mailing list > Snort-users@lists.sourceforge.net > Go to this URL to change user options or unsubscribe: > https://lists.sourceforge.net/lists/...fo/snort-users > Snort-users list archive: > http://www.geocrawler.com/redir-sf.p...st=snort-users > ------------------------------------------------------- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
