Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Subject: Re: Snort
From: J C Lawrence (clawKANGA.NU)
Date: Thu Oct 05 2000 - 02:15:23 CDT
- Next message: Fyodor: "Re: Snort"
- Previous message: J C Lawrence: "Re: how to chroot shell accounts"
- Next in thread: Fyodor: "Re: Snort"
- Maybe reply: J C Lawrence: "Re: Snort"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 5 Oct 2000 11:13:50 -0500
John Paul Martin <jpmartinWTACCESS.NET> wrote:
> Has anyone had any experience with snort?
Yup, I run at least one copy on all of my networks.
> I currently use portsentry and like it, but I have heard great
> this about snort.
They're very different tools. One looks at a given host and is in
essence a network oriented intrustion detection system. The other
watches the wire and is specifically a network intrustion detection
> Also I have another problem: Where can I can get good documentaion
> about stopping spam through sendmail?
Look into MAPS and ORBS. That said, I generally recommend against
sendmail. There's little reason to put up with using it any more
(if you're an exception you already know why you're an exception).
Exim and Postfix are generally preferable solutions.
-- J C Lawrence Home: clawkanga.nu ---------(*) Other: coderkanga.nu http://www.kanga.nu/~claw/ Keys etc: finger clawkanga.nu --=| A man is as sane as he is dangerous to his environment |=--