Snort mailing list archives
AW: Question on Howto setup a snort sensor in front of firewall
From: "Poppi, Sandro" <Sandro.Poppi () wacker com>
Date: Wed, 13 Feb 2002 07:10:21 +0100
Oliver, you might also take a look at http://www.lug-burghausen.org/projects/index.html#snort-stat. Viel Spaß, Sandro
-----Ursprüngliche Nachricht----- Von: "Dörr, Oliver" [mailto:Oliver.Doerr () priacon com] Gesendet: Dienstag, 12. Februar 2002 21:02 An: 'snort-users () lists sourceforge net' Betreff: AW: [Snort-users] Question on Howto setup a snort sensor in front of firewall hello Chris ... thank you, i just try to setup linux without a ip adress. Lets see how it works. I am a "newbie" in ids and linux and so it takes a while to get all running. Oliver -----Ursprüngliche Nachricht----- Von: Chris Green [mailto:cmg () uab edu] Gesendet: Dienstag, 12. Februar 2002 20:57 An: Dörr, Oliver Cc: 'snort-users () lists sourceforge net' Betreff: Re: [Snort-users] Question on Howto setup a snort sensor in front of firewall "Dörr, Oliver" <Oliver.Doerr () priacon com> writes:Hello all I have a general question about setting up a snort sensorsystems. When Iplace the sensor in front of the firewall, it will makethis system veryvunerable against attacks. Although I would like to analyzethe data inrealtime. How can i setup such a system withoutcompromising my securityissues? Would it make sense to setup a system with snort, firewall,databaseand analyze engine or is it more usefull to transfer thedata (and how?) toa internal system for analyzing ?You should have 2 network interfaces. One is in promiscuous mode with no ip on the sensor interface and a management interface that is attached to whereever you will analyze events from. -- Chris Green <cmg () uab edu> To err is human, to moo bovine. _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- AW: Question on Howto setup a snort sensor in front of firewall Poppi, Sandro (Feb 12)