View Single Post
  #9   (View Single Post)  
Old 10th November 2011
amrogers3 amrogers3 is offline
Port Guard
 
Join Date: Oct 2011
Posts: 20
Default

Quote:
Originally Posted by jggimi View Post

Text editors (vi, mg, emacs, vim, ... and the bazillion X-based ones) on Unix-like systems will automatically place newline bytes at the end of a line. As will echo(1), typically used with > or >> in a shell to put text in a file.

It's just a guess, of course.
Thanks for the excellent info. That may in fact be the issue, good catch. I was using vi. What editor would you recommend to make edits to these files?

Quote:
Originally Posted by jggimi View Post
Now, I don't use hosts_access. Never have, never will. If I want to filter any packets, in -or- out, by IP address, I use PF. That is common practice, best practice, and my recommendation.
That sounds good. So PF and public key for securing SSH? Anything else I should consider?

Would you recommend PF for a Snort box? I am using my openBSD install as a Snort sensor.

I see the current package of snort 2.8.6 on my openBSD 4.9 install is about to be end-of-lifed. Not sure when the packages will be updated. If you guys think a different OS would better, let me know. OpenBSD is a steep learning curve but I am trying. I like the fact that openBSD is secure.
Reply With Quote