• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 401
  • Last Modified:

Snort deployment

Hello, I am currently planning on deploying snort. I have ISA 2004 as my firewall with 2 network cards filtering traffic. I was thinking installing snort on that box or maybe installing Windows 2003 as a virtual server on that box and installing snort on the virtual server to be safe.

What are the best practices on installing these types of analyzer programs? on boxes with 2 network cards or can it be just one NIC?

Oh, are there any differences between snort for linux and snort for windows security wise? I have heard that linux is much secure than windows many times and wanted to know which platform is trusted more at the enterprise level. thanks for the help.
0
elyrodriguez
Asked:
elyrodriguez
  • 2
1 Solution
 
xDamoxCommented:
Hi,

Snort is a utility you install on Linux its not an operating system, I would strongly recommend you have a look at smoothwall
its and excellent pieace of software.

http://www.smoothwall.org/

Heres what is said about smoothwall:

SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Linux is the ideal choice for security systems; it is well proven, secure, highly configurable and freely††† available as open source code. SmoothWall includes a hardened subset of the GNU/Linux operating system, so there is no separate OS to install. Designed for ease of use, SmoothWall is configured via a web-based GUI, and requires absolutely no knowledge of Linux to install or use.
0
 
elyrodriguezAuthor Commented:
Ok thanks for the info. I do understand that snort is not an operating system. I am talking about the versions of snort that exist for linux and for windows called winsnort. I was asking about the differences between those versions of snort on those respective OS platforms.

I was also asking about the deployment. I am currently supporting ISA 2004 on top of Win 2003 with 2 nework cards and I was wondering if its viable to install a virtual server(win 2003) on that box with 2 NICS to run snort on OR can snort be installed on a box with only 1 NIC.

I am now downloading smoothwall. I will check it out. Thanks again for the info.


0
 
xDamoxCommented:
Hi,

Well I would suggest using snort with Linux as that was its prime release, Smoothwall I belive does support snort :).

With the Win 2003 server you would just need to configure snort to listen on the network card which, is reciving the
internet traffic for it to filter.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now