Snort mailing list archives
Re: How to place Snort machine on the network ?
From: Greg Herlein <gherlein () herlein com>
Date: Tue, 8 Jan 2002 13:54:29 -0800 (PST)
then the switch is likely to be misconfigured. To confirm this, turn off snort & launch tcpdump then send some traffic from one host to another (without involving the snort box of course).
Or just start snort in capture mode -
snort -avd
:) I found snort initially because it was a much more readable
packet sniffer than tcpdump format. I got hooked on it's IDS
capabilities, but still use it for capture all the time... though
tethereal is nifty for it's higher layer analysis capabilites.
Greg
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- How to place Snort machine on the network ? Syed Tariq Mustafa (Jan 08)
- Re: How to place Snort machine on the network ? skadhi (Jan 08)
- Re: How to place Snort machine on the network ? Greg Herlein (Jan 08)
- Re: How to place Snort machine on the network ? Saad Kadhi (Jan 08)
- Re: How to place Snort machine on the network ? Greg Herlein (Jan 08)
- <Possible follow-ups>
- Re: How to place Snort machine on the network ? Szilagyi Gergely (Jan 09)
- Re: How to place Snort machine on the network ? skadhi (Jan 08)