tarballed
April 20th, 2005, 18:46
Being as that I have setup my PF firewall at home and seem to have it working properly, one of of my next projects is to setup snort and sguil.
One of the questions I wanted to ask is, do most people here setup a box on either the DMZ or the internal LAN that is running MySQL and other utilities like sguild and ACID? Maybe I should ask, what is a recommended setup for running snort? On the firewall itself? ON a second box somewhere else on the net.
I have a box to spare that i can use for whatever. I can start building this as we speak, but wanted to get ideas before I set out on this task.
Any recommendations?
One of the questions I wanted to ask is, do most people here setup a box on either the DMZ or the internal LAN that is running MySQL and other utilities like sguild and ACID? Maybe I should ask, what is a recommended setup for running snort? On the firewall itself? ON a second box somewhere else on the net.
I have a box to spare that i can use for whatever. I can start building this as we speak, but wanted to get ideas before I set out on this task.
Any recommendations?