Quick Question

["McBurnett, Jim" <jmcburnett () msmgmt com>]

Hello all-- 
I want to IDS sense traffic on the unprotected 
side of my firewall.
If I block traffic to the IP address the SNORT 
machine is configured as,
that should not prevent it from "sniffing" the 
traffic on the network segment should it?

Assume the following:
Win XP or Red Hat OS loaded.
In switched ethernet environment with Port mirroring 
setup to pass all traffic to the port of the SNORT box..

Thoughts? ideas?

Thanks,
J





-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger
for complex code. Debugging C/C++ programs can leave you feeling lost and
disoriented. TotalView can help you find your way. Available on major UNIX
and Linux platforms. Try it free. www.etnus.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users