Snort mailing list archives
RE: snort question
From: "Patrick S. Harper" <patrick () internetsecurityguru com>
Date: Sat, 19 Feb 2005 03:50:18 -0600
You can have an inline tap that will sit as a bump on the wire and monitor anything that goes threw it, and fail open. These are great for monitoring traffic going to and from the internet, or you can set a span port on your switch and monitor your vlan, this is a good way to monitor your internal. They also have regen taps that plug into a span port and regenerate it into more ports. Hope that helps Patrick S. Harper | CISSP RHCT MCSE www.internetsecurityguru.com www.ntsug.org - Snort Users Group "If there is no light at the end of the tunnel, get down there and light the dang thing yourself!" -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Jason Warren Sent: Friday, February 18, 2005 10:34 PM To: snort-users () lists sourceforge net Subject: Re: [Snort-users] snort question Mainly detection of break in attempts, bad logins, etc. We are a small business so I do not really care about what is going out. (unfortunately our sales guy already showed me the porn he looks up..... ) question on one of those taps i was apparently offered " a sweet deal " on. does that allow me to monitor my LAN and my servers that are out side the FW? i am not familiar with those devices. thanks! tony cowling wrote:
Hi Jason. What are you trying to achieve? -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Jason Warren Sent: Friday, February 18, 2005 2:48 PM To: snort-users () lists sourceforge net Subject: [Snort-users] snort question Curious on where snort would do its job better. t1 - switch - web server dns server firewall - LAN should i put snort on a box that has its own IP or on my LAN behind the firewall? thanks! jason warren ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Jason Warren IT Manager/Customer Relations Zotz Digital - Apple Pro Video/Audio Reseller 541.472.9522 - http://www.zotzdigital.com ------------------------------------------------------ Join the Zotz Discussion List. email: zotz-list-request () zotzdigital com with the word 'subscribe' in the email body. ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort question Jason Warren (Feb 19)
- <Possible follow-ups>
- RE: snort question Harper, Patrick (Feb 19)
- Re: snort question Jason Warren (Feb 19)
- RE: snort question Blair Woodmansee (Feb 19)
- RE: snort question Harper, Patrick (Feb 19)
- RE: snort question Ballard, Sean (HHS/OS) (Feb 19)
- RE: snort question Harper, Patrick (Feb 19)
- Re: snort question Jason Warren (Feb 19)
- RE: snort question Patrick S. Harper (Feb 19)
- RE: snort question tony cowling (Feb 19)
- RE: snort question Jim Hendrick (Feb 19)