Package: harden-doc Version: 3.10 Severity: normal Hi!
Appendix C _Setting up a stand-alone IDS_[1] has some flaws that should be fixed. [1] http://www.debian.org/doc/manuals/securing-debian-howto/ap-snort-box.en.html Firstoff: | * Download and manually (with dpkg) install necessary packages | (see installed packages list below). There's no explanation of _why_ using dpkg manually is to be preferred to an easy apt or aptitude run. I would definitely use aptitude, especially since now there's secure APT, which provides the additional bonus of checking GPG signatures... Would I make the wrong choice? Secondly: | ACID is currently packaged for Debian as acidlab. It provides a | graphical WWW interface to snort's output. It can also be | downloaded from [...] There's no explanation of _why_ acidlab is included in woody and sarge, but not in etch, nor in sid (currently). Why is the reader recommended to manually install a non-packaged piece of software? Then: | You might also want to read the Snort Statistics HOWTO. The link points to http://www.tldp.org/HOWTO/Snort-Statistics-HOWTO/index.html which currently leads me to a sorry page by TLDP ("The document or page you requested could not be found"). Finally, the list of packages is from woody (September 2001) and should be updated... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]