[lug] Intrusion Detection Software. And basic secure networking.

Kevin kevin at scrye.com
Tue Sep 5 12:59:24 MDT 2000


>>>>> "John" == John Starkey <jstarkey at ajstarkey.com> writes:

John> I've checked out Portsentry, Hostsentry and a few (currently)
John> more aggressive IDS's. Anyone have any recommendations?? I would

have you looked at snort? 

John> like something that's adaptive and will work several boxes with
John> a central server. One of the site's I'm working on is a hosting
John> deal for a fan club for a major rock act. I'm sure it will
John> appear to be a playground. Nice challenge in my case :} I'm back
John> to that adhrenaline thing.

always fun. 

I am not a big fan of the intrustion detection products. Although they
have gotten better of late, they are still pretty limited. I think
it's best to tighten down to only essential traffic, so you don't need
to worry about getting probed. ;)

John> I'm setting up a box for email and a box for www/home; what's
John> the best way to link the two transparently (ie. NIS, etc.)

you want them to share file space? NFS is probibly the most
transparent solution. Being the paranoid I am, I would likely have www
a seperate file space and have to use cvs or scp to upload changes. 

John> John

kevin







More information about the LUG mailing list