[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 396
  • Last Modified:

Snort deployment

Hello, I am currently planning on deploying snort. I have ISA 2004 as my firewall with 2 network cards filtering traffic. I was thinking installing snort on that box or maybe installing Windows 2003 as a virtual server on that box and installing snort on the virtual server to be safe.

What are the best practices on installing these types of analyzer programs? on boxes with 2 network cards or can it be just one NIC?

Oh, are there any differences between snort for linux and snort for windows security wise? I have heard that linux is much secure than windows many times and wanted to know which platform is trusted more at the enterprise level. thanks for the help.
0
elyrodriguez
Asked:
elyrodriguez
  • 2
1 Solution
 
xDamoxCommented:
Hi,

Snort is a utility you install on Linux its not an operating system, I would strongly recommend you have a look at smoothwall
its and excellent pieace of software.

http://www.smoothwall.org/

Heres what is said about smoothwall:

SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Linux is the ideal choice for security systems; it is well proven, secure, highly configurable and freely††† available as open source code. SmoothWall includes a hardened subset of the GNU/Linux operating system, so there is no separate OS to install. Designed for ease of use, SmoothWall is configured via a web-based GUI, and requires absolutely no knowledge of Linux to install or use.
0
 
elyrodriguezAuthor Commented:
Ok thanks for the info. I do understand that snort is not an operating system. I am talking about the versions of snort that exist for linux and for windows called winsnort. I was asking about the differences between those versions of snort on those respective OS platforms.

I was also asking about the deployment. I am currently supporting ISA 2004 on top of Win 2003 with 2 nework cards and I was wondering if its viable to install a virtual server(win 2003) on that box with 2 NICS to run snort on OR can snort be installed on a box with only 1 NIC.

I am now downloading smoothwall. I will check it out. Thanks again for the info.


0
 
xDamoxCommented:
Hi,

Well I would suggest using snort with Linux as that was its prime release, Smoothwall I belive does support snort :).

With the Win 2003 server you would just need to configure snort to listen on the network card which, is reciving the
internet traffic for it to filter.
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now