|
You can actually go two routes for a good snort box
in an untrusted zone.
1) Bastille, which has been mentioned before,
or
2) Don't give the box an IP address. I don't
know the specifics, but I've seen in CERT lists that you can put the NIC in
promiscuous mode without an IP. The box will still receive all of the
packets on the wire, but it won't be able to reply and the black hats won't be
able to see the box. You'll have to do everything from the console, but
you'll have a truly hack-proof box.
Ben
|
- Minimum Configuration / Hardening Rich Lichvar
- Re: Minimum Configuration / Hardening Andrew MacKenzie
- Re: Minimum Configuration / Hardening Jonathan Bartlett
- Re: Minimum Configuration / Hardening Ed Wilts
- Re: Minimum Configuration / Hardening Neil Thompson
- OT: Regarding Re: Minimum Configurati... Edward Croft
- Re: OT: Regarding Re: Minimum Con... Edward Croft
- Re: Minimum Configuration / Hardening MKlinke
- Re: Minimum Configuration / Hardening Benjamin J. Weiss
- Re: Minimum Configuration / Hardening Ryan McDougall
- Re: Minimum Configuration / Hardening Benjamin J. Weiss
- Re: Minimum Configuration / Hardening Andrew MacKenzie
- Re: Minimum Configuration / Hardening Keith Morse
- Re: Minimum Configuration / Hardening Keith Morse
- Re: Minimum Configuration / Hardening Jerry Hubbard
- RE: Minimum Configuration / Hardening Esler, Joel Contractor
