Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > security-basics > 03 > 021926.html (Request Expert securityfocus.com Support)

RE: Setting up an IDS system

From: Naman Latif <naman.latif(at)inamed.com>
Date: Mon Feb 03 2003 - 12:17:52 EST


Thank you all for your help on this. I would definitely need some more tips in future as I progress, but all this info is very useful in getting me started.

Regards \\ Naman

> -----Original Message-----
www.sysnet.ie
Tel: +353 1 2983000
Fax: +353 1 2960499

-----Original Message-----
From: Naman Latif [mailto:naman.latif@inamed.com] Sent: 31 January 2003 17:34
To: security-basics@securityfocus.com
Subject: Setting up an IDS system

Hi,
I am in the process of setting up and IDS system using Linux\Snort in DMZ. A couple of questions regarding this

  1. Is it a safe practice to have access to this system from Inside Network (for retrieving log files etc) from 1-2 Stations ? Ofcourse IDS won't have access to inside network and be blocked by Firewall.
  2. What kind of services should be running on IDS Station ? Should all Web\FTp etc services be stopped ?
  • How important it is to also have an IDS system monitoring the traffic
on your Inside Network ? I believe it won't be a good idea to have the SAME DMZ IDS system with another NIC monitoring Inside Network Traffic ?

Any other suggestions OR any Links that I can refer to ?

Regards \\ Naman

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.

Do you need help?X

If you have received this message in error please notify SYSNET Ltd., at telephone no: +353-1-2983000 or postmaster@sysnet.ie

Received on Mon Feb 3 14:45:44 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:42 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library