snort and VLANs

["Mohr, Stefan" <sm () mediascape de>]

hi everybody,

i am just thinking of my future confuguration (my machine will be ready in
th enext days to run snort the first time) and i have the following problem:

i want to monitor traffic with snort in very different networks wirh
different netmasks etc. - but all this networks are located on a layer3
switch (CISCO) where of course our admin can put all of these networks -
which are really VLANs - to one port (easy, he said!). when i set my network
card with it`s ip addr to one of thesse networks, i am sure, that i can
monitor traffic in it. but due to the fact that this port will have alle the
packets from the other VLANs these are "around" my network card too. the one
and only question ist: will this network card cathc this traffic too, when
snort is running? or do i have to configure something special on my linux
box or is it impossible to catch alle information travveling around
there.....

thx,

stefan

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users