hi ya
> I need ur views on SNORT tool for intrusion detection
prevent/minimize their possible exploits first...
- tighten your security ???
- take a minute to run nmap and close off all ports listed
and turn off all daemons listed
- upgrade to latest/greatest version/patches of the sw
- fix the file system permissions and passwd files
snort just tells you that you've been scanned or attempted ??
- run snort, portsentry
- logcheck, swatch etc for log file monitoring
i think its more important to know that they got in ???
- run tripwire, aide, etc
http://www.Linux-Sec.net
have fun
alvin
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
