[Firehol-support] snort and firehol: can they co-exist peacefully?
R G Cottrell
rossc at froggy.com.au
Mon Aug 2 20:35:41 BST 2004
I'm running a Debian GNU/Linux system (2.4.18 kernel) and I'd like to
know whether firehol and snort can work together peacefully.
At the moment, firehol starts at boot time and snort starts when my ppp
connection comes up. I've checked the logs and snort seems happy, and I
don't get any error messages from firehol if I restart it after snort has
set itself up. Debian's apt-get doesn't complain that they're incompatible.
I'm nervous, though. Wouldn't snort set up a firewall after boot time and
overwrite the firewall that firehol has set up. Do I have to run firehol
after snort has initialised?
Or am I missing something fundamental. I admit that I'm a newcomer to
firewalls and intrusion detection.
More information about the Firehol-support