[Snort-users] Problem with configuration
I have done a basic setup with snort and have been using it on the internet side of the firewall. But due to the large amount of noise I decided to move/connect it to my internal subnet. When I move from my external subnet to my internal subnet, everything appears to stop working. I checked my snort.conf file and $HOMENET is set to any and the $EXTERNALNET is set to any also. If I reconnect the system back to the external subnet it works fine again.

When I connect to the internal network I rebooted the system and checked to make sure that I have a connection and can see traffic using tcpdump. When I run nmap against the snort server or any other computer connected to the hub I do not get any alerts (default rules). I feel like there is just one little thing I forgot and I can't put my finger on it. Am I testing this correctly? Any ideas?

snort-2.0.5

Jim