IDS question (for a noob)
Kurt
kessler2k at yahoo.com
Fri Aug 29 17:35:08 CDT 2003
I have a spare box lying around...
So anyway, I want to set up an IDS. I planned on using
snort, acid, mysql, etc. My question is more in
networking. There are many opinions as to the
placement of said IDS. I have NEVER dealt with
anything like this, and have *0* experience in network
security other than being paranoid at home. I just
want to learn as much as I can on my own. Now that
being said, where would you all place the thing? On
the wan line, picking up attempts? Or on the lan line?
If I understand correctly, putting it on the lan, will
only allow me to see what intrusions have already
happened? And then there is this dmz thing that I dont
seem to fully understand. All i'm really trying to
accomplish is some learning and maybe get a kick out
of checking things. Do any of you have any suggestions
as to the placement, and why? Appreciate it.
Kurt
__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
More information about the Kclug
mailing list