Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Snort deployment

Posted on 2006-06-09
3
379 Views
Last Modified: 2012-05-05
Hello, I am currently planning on deploying snort. I have ISA 2004 as my firewall with 2 network cards filtering traffic. I was thinking installing snort on that box or maybe installing Windows 2003 as a virtual server on that box and installing snort on the virtual server to be safe.

What are the best practices on installing these types of analyzer programs? on boxes with 2 network cards or can it be just one NIC?

Oh, are there any differences between snort for linux and snort for windows security wise? I have heard that linux is much secure than windows many times and wanted to know which platform is trusted more at the enterprise level. thanks for the help.
0
Comment
Question by:elyrodriguez
  • 2
3 Comments
 
LVL 16

Expert Comment

by:xDamox
ID: 16877298
Hi,

Snort is a utility you install on Linux its not an operating system, I would strongly recommend you have a look at smoothwall
its and excellent pieace of software.

http://www.smoothwall.org/

Heres what is said about smoothwall:

SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Linux is the ideal choice for security systems; it is well proven, secure, highly configurable and freely††† available as open source code. SmoothWall includes a hardened subset of the GNU/Linux operating system, so there is no separate OS to install. Designed for ease of use, SmoothWall is configured via a web-based GUI, and requires absolutely no knowledge of Linux to install or use.
0
 

Author Comment

by:elyrodriguez
ID: 16877788
Ok thanks for the info. I do understand that snort is not an operating system. I am talking about the versions of snort that exist for linux and for windows called winsnort. I was asking about the differences between those versions of snort on those respective OS platforms.

I was also asking about the deployment. I am currently supporting ISA 2004 on top of Win 2003 with 2 nework cards and I was wondering if its viable to install a virtual server(win 2003) on that box with 2 NICS to run snort on OR can snort be installed on a box with only 1 NIC.

I am now downloading smoothwall. I will check it out. Thanks again for the info.


0
 
LVL 16

Accepted Solution

by:
xDamox earned 200 total points
ID: 16877825
Hi,

Well I would suggest using snort with Linux as that was its prime release, Smoothwall I belive does support snort :).

With the Win 2003 server you would just need to configure snort to listen on the network card which, is reciving the
internet traffic for it to filter.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
Fine Tune your automatic Updates for Ubuntu / Debian
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question