slaughtering the pig

Discussion in 'Port Explorer' started by slob, Aug 25, 2004.

Thread Status:
Not open for further replies.
  1. slob

    slob Guest

    I recently installed Snort along with Apache and MySQL. I'm relative new to intrusion detection as you may know from the following. My concern: I see a large number of connection made by apache.exe as well as mysql.exe. Just how many? Nearly 30 for apache.exe and even more for mysql.exe. My question: does this sound about right or should there be more? (of course I'm being cynical) What are some security concerns involved in leaving so many ports open? Is there a drawback in running the pig and its cohorts? (This obviously sounds ironic considering that IDS is suppose to help protect your system). Thx in advance.
     
  2. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    There really shouldn't be THAT many connections with apache of mysql unless you have visitors to your website, etc. If the website is live, this is to be expected. You will also get many people trying to port scan you, and this may show up as connections in some instances.
     
Thread Status:
Not open for further replies.