Network Security

Question 14

Will it be [a] useful idea to take precautions against technical and administrative use of Snort?

As Snort can be configured to act purely as a packet sniffer, Snort is potentially a very useful tool for a hacker. Packets sent without any encryption have the same level of security as a postcard, Thus, passwords can be seen, email read, websites visited can be registered, databse accesses logged, etc. An intruder having just some of this information can potentially learn a lot about the internal workings of a company. Thus, preventing un-authorized deplyment and use of Snort on the corporate network is a very good idea.