Quote:
Originally Posted by jggimi
Text editors (vi, mg, emacs, vim, ... and the bazillion X-based ones) on Unix-like systems will automatically place newline bytes at the end of a line. As will echo(1), typically used with > or >> in a shell to put text in a file.
It's just a guess, of course.
|
Thanks for the excellent info. That may in fact be the issue, good catch. I was using vi. What editor would you recommend to make edits to these files?
Quote:
Originally Posted by jggimi
Now, I don't use hosts_access. Never have, never will. If I want to filter any packets, in -or- out, by IP address, I use PF. That is common practice, best practice, and my recommendation.
|
That sounds good. So PF and public key for securing SSH? Anything else I should consider?
Would you recommend PF for a Snort box? I am using my openBSD install as a Snort sensor.
I see the current package of snort 2.8.6 on my openBSD 4.9 install is about to be end-of-lifed. Not sure when the packages will be updated. If you guys think a different OS would better, let me know. OpenBSD is a steep learning curve but I am trying. I like the fact that openBSD is secure.