RE: [Snort-users] Snort 2.3
This is a discussion on RE: [Snort-users] Snort 2.3 within the Snort forums, part of the System Security and Security Related category; Well put!! Those that are not keeping current on a professional implementation of any OS, is asking for problems. =20 ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-03-2005
|
|||
|
|||
RE: [Snort-users] Snort 2.3
Well put!!
Those that are not keeping current on a professional implementation of any OS, is asking for problems. =20 Especially when concerning with security. -----Original Message----- From: snort-users-admin@lists.sourceforge.net [mailto:snort-users-admin@lists.sourceforge.net] On Behalf Of James Riden Sent: Thursday, February 03, 2005 1:42 PM To: snort-users@lists.sourceforge.net Subject: Re: [Snort-users] Snort 2.3 SN ORT <snort_on_acid@yahoo.com> writes: > Ha! If you don't have time to "patch manually" you don't have time > to try and "trim down" a distro. The point is you don't need to > patch and you don't need any newer OS, especially if you're just > going to "trim it down" anyways. Besides, those OSes you mentioned > aren't going to trim down very much, what with all that gui and junk > that comes with it. Many people here probably don't patch their > Snort boxes at all. I don't. It has ACL'd access per host, I don't > need to worry about patching every other day and wondering, "Now > what options did I last compile that with?" !! "Oh now everything's > broke!...etc" AFAIK you can install any of the major modern distro's (Fedora, Red Hat, Debian) without X and without GUIs. I'm trying to keep up with 100Mbit/s upwards and believe me, a basic 600Mb Fedora Core 3 install doesn't make that much difference either way. You can bet I keep all my IDS sensors up to date with patches; that is SOP for any box that can receive any kind of IP traffic, ACLs or no. What happens if someone compromises a box that is allowed to send to that host? --=20 James Riden / j.riden@massey.ac.nz / Systems Security Engineer Information Technology Services, Massey University, NZ. GPG public key available at: http://www.massey.ac.nz/~jriden/ ------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...=3Dsnort-users ------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
