Snort mailing list archives
Re: Snort and acidcenter
From: Allan Dover <adover () rogers com>
Date: Wed, 1 Jan 2003 19:31:41 -0500
This is very interesting. I use a netgear switch for my wan and lan. When someone surfs a porn site in my house, I see it come up on ACID. I do not get the url, I just get the IP address. Snort is set on eth0 which is the DMZ port on my router. I see all traffic that comes through my switch and router. Maybe I am not understanding the difference and why snort would care or not see activity on a switched network if it was set that way. On Wednesday 01 January 2003 01:38 pm, Rich Adamson wrote:
i have a netgear dualspead 10/100 hub... are you telling me this wont work ?I use the Netgear DS104 dual speed hub when professionally evaluating networks. It works fine for sniffing, snort, etc, "except" when equipment attached to the hub are operating at different speeds. If you statically define the interface speed (for each attached device) at the exact same speed for all devices, the hub will work fine. However, if one interface is operating at 100 megabits (as an example) and others are at 10 megabit, there is a very high probability the hub will start functioning as a switch and you won't see packets passing between interfaces as expected. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Snort and acidcenter Rigoberto De la Portilla (Jan 01)
- RE: Snort and acidcenter Rich Adamson (Jan 01)
- Re: Snort and acidcenter Allan Dover (Jan 01)
- Re: Snort and acidcenter Rich Adamson (Jan 01)
- Re: Snort and acidcenter Allan Dover (Jan 01)
- RE: Snort and acidcenter Rich Adamson (Jan 01)