Portal Home > Knowledgebase > Articles Database > Snort as security enhancement tool

Snort as security enhancement tool

Posted by Master Bo, 08-07-2008, 01:11 AM

Hello, Do many hosters use Snort (intrusion prevention software) on their servers as means to raise security level? If not Snort, what other intrusion detection/related tools are currently popular? It would be great to learn the opinion of hosters as well. Early-warning intrusion detection could be very useful in many cases. Thank you in advance.

---

Posted by LinkLine_1, 08-07-2008, 05:12 PM

Snort can be hard to scale up to high traffic loads, and it usually generates a ton of false positives that would need to be followed. Most hosters generally do not worry about what traffic is being passed unless it's so much that it's harming the network, or they get complaints to the abuse desk. It would be a gargantuan task to correlate traffic patterns for different individual users against what they should actually be passing, given the amount of garbage on the modern internet. It's generally easier just to setup a firewall/filter to block what's not being used and focus on securing what's left (web server, ftp server, sql server, etc).

---

Posted by techryan, 08-17-2008, 01:32 AM

Hi, There are popular tools other than snort and these are all free. They are Endian Firewall,Untangle,Bro NIDS,Prelude Hybrid IDS,OSSEC HIDS. <> Last edited by Mike V; 08-17-2008 at 02:18 AM.

---

Posted by brianoz, 08-18-2008, 11:33 AM

CSF is probably the most popular firewall/intrusion alert tool out there at the moment. Simple and effective. www.configserver.com/cp/csf.html

---

Add to Favourites    Print this Article

building a cdn (Views: 784)

Cheap Reseller Accounts? (Views: 799)

I need a Reseller Plan (Views: 836)

Slow DNS resolve (Views: 748)

UK hosting: Innohost or iFuse? (Views: 820)