locking down snort
From: Jose Guevarra (jose_at_iquest.ucsb.edu)
Date: 06/24/04
- Previous message: Matt Fisher: "Re: ASP security in HTML pages"
- Next in thread: Nasir Ghaznavi: "Re: locking down snort"
- Reply: Nasir Ghaznavi: "Re: locking down snort"
- Maybe reply: Andrew Shore: "RE: locking down snort"
- Reply: Nelson Santos: "Re: locking down snort"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <security-basics@securityfocus.com> Date: Thu, 24 Jun 2004 10:28:43 -0700
Hi,
I have some machines running snort. I'd like to restrict ssh/http and
other access to them. However, I'm not sure if in doing so, would snort not
'grab' and analyze traffic hitting those ports. I guess I'm asking
- if I blocked those ports from the outside world would I still detect say a
port scan on those ports?
- Who captures the packets first: Firewall(IPTABLES) or SNORT?
Thanks,
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
- Previous message: Matt Fisher: "Re: ASP security in HTML pages"
- Next in thread: Nasir Ghaznavi: "Re: locking down snort"
- Reply: Nasir Ghaznavi: "Re: locking down snort"
- Maybe reply: Andrew Shore: "RE: locking down snort"
- Reply: Nelson Santos: "Re: locking down snort"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
