Snort mailing list archives
Snort on Checkpoint Firewall-1
From: "Dresen, Scott" <sdresen () med wayne edu>
Date: Fri, 19 Oct 2001 16:54:55 -0400
I'm running Snort v1.8.1 on the same Linux box that I'm running a Checkpoint Firewall-1 firewall. However, my snort logs are not showing any activity. When I ran Snort with IPTables, I saw plenty of activity. I'm wondering if anyone knows whether or not Checkpoint runs at a higher priority on Linux and therefore blocks packets before Snort has a chance to analyze them? TIA, Scott
Current thread:
- Snort on Checkpoint Firewall-1 Dresen, Scott (Oct 19)
- RE: Snort on Checkpoint Firewall-1 Ofir Arkin (Oct 19)
- So many of false alerts Syed Mohammad Talha (Oct 19)
- Re: Snort on Checkpoint Firewall-1 Fyodor (Oct 20)
- RE: Snort on Checkpoint Firewall-1 Ofir Arkin (Oct 19)