Re: Locking Down a Linux Box
From: Alex Collins (alex@geoquark.com)Date: 12/23/01
- Previous message: Alvin Oga: "Re: Locking Down a Linux Box"
- In reply to: Kevin Robitaille: "Locking Down a Linux Box"
- Next in thread: crazytrain.com: "Re: Locking Down a Linux Box"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Alex Collins <alex@geoquark.com> To: Kevin Robitaille <kevin.robitaille@ergogroup.com>, focus-linux@securityfocus.com Date: Sun, 23 Dec 2001 10:17:04 +0000
On Friday 21 December 2001 1:30 pm, Kevin Robitaille wrote:
> Any one out there know good reference for securing a
> Linux 7.2 Server OS. I'm new to using Linux and need
> to lock down a system for use as an IDS Sensor. Any
> help would be appreciated.
How were you going to set it up?
I assume you would go for 2 NICs, one for connection to the network segment
to be watched, and one to a management lan - this would have any tools running
that you use for managing the sensor.
The NIC on the watched lan would best be in Promicuous mode and configured
without an IP address (hence it cannot be directly reached by other computers
on that network.
This then allows you to manage the sensor (retrive logs / view alerts) but
without making the Sensor available at the IP level on the network you are
watching.
Alex Collins
- Previous message: Alvin Oga: "Re: Locking Down a Linux Box"
- In reply to: Kevin Robitaille: "Locking Down a Linux Box"
- Next in thread: crazytrain.com: "Re: Locking Down a Linux Box"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
