Snort mailing list archives
snot over Bridge-firewall
From: "Lsalas TNTPOKER" <lsalas () tntpoker net>
Date: Fri, 21 Dec 2001 08:51:58 -0500
I have a bridge-firewall whit STP and iptables, this is running very fine, but I need check the attack and port scan, incoming to my server through to my bridge-firewall, this servers is after of my bridge-firewall, I put portsentry and snort in my bridge-firewall, but portsentry only detect the scan ports localy, but I need detect the incoming port scan. Snort , well... snort dont say nothing, I think that snort not run fine in a bridge.... I´m not sure. My configuration with snort is fine,I know because this is running fine in other servers. you have some idea? I need check the attack and portscan incoming to my network and then make a dinamic firewall. My bridge have a IP address for administrative use.
Current thread:
- snot over Bridge-firewall Lsalas TNTPOKER (Dec 22)