RE: [Snort-users] Snort ports?
This is a discussion on RE: [Snort-users] Snort ports? within the Snort forums, part of the System Security and Security Related category; Assuming the MySQL database is on the ACID console, just one line: permit tcp host [sensor address] host [ACID console ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
03-31-2005
|
|||
|
|||
RE: [Snort-users] Snort ports?
Assuming the MySQL database is on the ACID console, just one line:
permit tcp host [sensor address] host [ACID console address] eq 3306 This will allow the sensor to make the connection to MySQL, which is all it needs to do. Of course, if this is an inside/outside scenario, you might consider a different method of deploying your sensor so that the MySQL flow is not traversing an untrusted network. PaulM ________________________________ From: snort-users-admin@lists.sourceforge.net [mailto:snort-users-admin@lists.sourceforge.net] On Behalf Of Escudero, Peter Louis Sent: Thursday, March 31, 2005 4:33 PM To: snort-users@lists.sourceforge.net Subject: [Snort-users] Snort ports? Our sensor needs to send alerts to the ACID console that's behind a Cisco PIX firewall. What ports/services need to be opened? Any info you can provide will be greatly appreciated. Peter ------------------------------------------------------- This SF.net email is sponsored by Demarc: A global provider of Threat Management Solutions. Download our HomeAdmin security software for free today! http://www.demarc.com/info/Sentarus/hamr30 _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
