[lug] Intrusion Detection Software. And basic secure networking.
kevin at scrye.com
Tue Sep 5 12:59:24 MDT 2000
>>>>> "John" == John Starkey <jstarkey at ajstarkey.com> writes:
John> I've checked out Portsentry, Hostsentry and a few (currently)
John> more aggressive IDS's. Anyone have any recommendations?? I would
have you looked at snort?
John> like something that's adaptive and will work several boxes with
John> a central server. One of the site's I'm working on is a hosting
John> deal for a fan club for a major rock act. I'm sure it will
John> appear to be a playground. Nice challenge in my case :} I'm back
John> to that adhrenaline thing.
I am not a big fan of the intrustion detection products. Although they
have gotten better of late, they are still pretty limited. I think
it's best to tighten down to only essential traffic, so you don't need
to worry about getting probed. ;)
John> I'm setting up a box for email and a box for www/home; what's
John> the best way to link the two transparently (ie. NIS, etc.)
you want them to share file space? NFS is probibly the most
transparent solution. Being the paranoid I am, I would likely have www
a seperate file space and have to use cvs or scp to upload changes.
More information about the LUG