Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Sensor location

From: César Sanabria <cesanpin () gmail com>
Date: Tue, 9 Nov 2004 13:28:10 -0600
Hi, i'm having troubles detecting traffic, my network is more or less:

              DMZ       
               |                                |------- LAN 1  (segment 191.168.1.x)
INTERNET ---- GW --(1)---GW-- |-------- LAN 2 (segment 191.168.2.x)
                  segement X           |                .
                                                |               .
                                                |------- LAN N (segment 191.168.n.x)

I put my sensor on (1) a segment x (192.x.x.x) and i would like to
catch all traffic from every LAN (segment), but i'm not logging all
alerts, i mean, suppously i'm on the fist segment and i ping a server
on the DMZ i can't see the traffic neither in sniffer mode, so the
question is:

Why i'm not logging alerts from other segments that aren't in the same
segment where i put my sensor?.. What can i do to log alerts?


-------------------------------------------------------
This SF.Net email is sponsored by: InterSystems CACHE
FREE OODBMS DOWNLOAD - A multidimensional database that combines
robust object and relational technologies, making it a perfect match
for Java, C++,COM, XML, ODBC and JDBC. www.intersystems.com/match8
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: