Re: [Snort-users] Help with config
This is a discussion on Re: [Snort-users] Help with config within the Snort forums, part of the System Security and Security Related category; My guess is that you're using a switch instead of a hub. What's the make/model? Peter Peter ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
12-28-2003
|
|||
|
|||
Re: [Snort-users] Help with config
My guess is that you're using a switch instead of a hub. What's the
make/model? Peter Peter Schawacker, CISSP 43300 Warner Trail Palm Desert, CA 92211 Office: 760-200-4258 Mobile: 760-880-4258 peter@schawacker.com ----- Original Message ----- From: "Michael Thompson" <mike@thompsonmike.co.uk> To: <snort-users@lists.sourceforge.net> Sent: Sunday, December 28, 2003 12:19 AM Subject: [Snort-users] Help with config > Hi Snort-users, > > > > I have had to resort to using a hub between the ADSL Modem and > router. So my network looks like this now: > > Modem > > Hub > (Snort Listening here) > > Router / Firewall > > Remainder of network > > With this setup, snort seems unable to log anything at all. I have > been to several scanner sites and nothing is logged. What should I > set the HOME_NET variable to in this config? (Is it my global IP??) Is there any other > settings I need to change? The interface snort is plugged into on > the machine is eth1, which is activated on bootup, and snort states > it is listening there in promiscuios mode. It does not have a IP > associated with it, the RedHat config tool states this interface is > inactive, but I assume that this is as far as Gnome is concerd, and > it is active as far as snort is concerd. Am I right? > > I realise that there is no local IP's in this config, as snort is > listening before the NAT translation takes place, but at least I > will have some idea of what is hitting the firewall. > > > -- > > Best regards, > Michael (mike@thompsonmike.co.uk) > > This is only a test. > > http://www.thompsonmike.co.uk/ > PGP KeyID := 0xA9547E32 > > 'To see a world in a grain of sand > And heaven in a wild flower > To hold infinity in the palm of your hand > And eternity in an hour' > > Using TheBat! Version 2.02.3 CE > Running On Windows XP (2600, Service Pack 1) > Sent From OneAndOne > > > > ------------------------------------------------------- > This SF.net email is sponsored by: IBM Linux Tutorials. > Become an expert in LINUX or just sharpen your skills. Sign up for IBM's > Free Linux Tutorials. Learn everything from the bash shell to sys admin. > Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click > _______________________________________________ > Snort-users mailing list > Snort-users@lists.sourceforge.net > Go to this URL to change user options or unsubscribe: > https://lists.sourceforge.net/lists/...fo/snort-users > Snort-users list archive: > http://www.geocrawler.com/redir-sf.p...st=snort-users ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
