Re: IDS Management - Port Numbers
From: Brian (bmc@snort.org)Date: 12/13/01
- Previous message: andy cuff: "Re: IDS Management - Port Numbers"
- In reply to: robert.d.turner@bt.com: "IDS Management - Port Numbers"
- Next in thread: Joseph E. Krause: "RE: IDS Management - Port Numbers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 13 Dec 2001 14:16:52 -0500 From: Brian <bmc@snort.org> To: robert.d.turner@bt.com
According to robert.d.turner@bt.com:
> Does anyone know of a list of recognised (standard) port numbers for IDS/
> Firewall/Management applications? I've been looking around intermittently
> for a while, and there does not seem to be a collected list.
Older RealSecure installations listened on 2998 and 901 by default.
The port is reconfigurable. The standard encryption plugin has the
banner:
ISS ECNRA Built-In Provider, Strong Encryption Version
Dragon uses encrypted ICMP tunnels. I've taken down my test dragon
sensors at work, so I don't know what types & codes they use.
Most vendors recommend having a seperate network for administration
and data transfer for your remote sensors. Where this is not
available, I suggest using vtun, ipsec, or any other strong encryption
VPN.
-- "Why does everyone always pick on Attila as the archetypal right wing nutcase?" "Attila is less hated than Hitler, better known than Franco, and lacks Mussolini's comic charm." -- Ben Aveling and Bill Cole, ASR
- Previous message: andy cuff: "Re: IDS Management - Port Numbers"
- In reply to: robert.d.turner@bt.com: "IDS Management - Port Numbers"
- Next in thread: Joseph E. Krause: "RE: IDS Management - Port Numbers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
