Pantek Library

Hosting Provided By

CybrHost

High Speed Hosting

Setting up an IDS system

From: Naman Latif <naman.latif(at)inamed.com>
Date: Fri Jan 31 2003 - 12:34:19 EST

Hi,
I am in the process of setting up and IDS system using Linux\Snort in DMZ. A couple of questions regarding this

Is it a safe practice to have access to this system from Inside Network (for retrieving log files etc) from 1-2 Stations ? Ofcourse IDS

won't have access to inside network and be blocked by Firewall.

What kind of services should be running on IDS Station ? Should all Web\FTp etc services be stopped ?
How important it is to also have an IDS system monitoring the traffic on your Inside Network ? I believe it won't be a good idea to have the SAME DMZ IDS system with another NIC monitoring Inside Network Traffic ?
Any other suggestions OR any Links that I can refer to ?

Regards \\ Naman Received on Fri Jan 31 19:05:27 2003

This message: [ Message body ]
Next message: Glen Mehn: "Re: VNC"
Previous message: David Gillett: "RE: Actual Security Cases"
Next in thread: David M. Fetter: "Re: Setting up an IDS system"
Reply: David M. Fetter: "Re: Setting up an IDS system"
Reply: Gene Yoo: "Re: Setting up an IDS system"
Reply: Frank Barton: "Re: Setting up an IDS system"
Reply: theog: "Re: Setting up an IDS system"
Reply: James Taylor: "Re: Setting up an IDS system"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:40 EDT

Contact Us Legal Notices Order Services Online
Pantek Home Privacy Policy IT news Site Map Pantek Library