Snort mailing list archives

Re: Snort and topology


From: Joel Esler <eslerj () gmail com>
Date: Wed, 8 Apr 2009 08:11:06 -0400

So you have two sites, how are they connected to each other?
Does all internet traffic go through one site, or both sites?

Joel

On Wed, Apr 8, 2009 at 5:42 AM, Emmanuel Lesouef <e.lesouef () crbn fr> wrote:
Hi,

I'm currently planning to deploy snort (which I already did on one
server) but I would like to build sort of a network of nids.

Let me explain. We use several vlans and geographically different sites.
I don't know exactly how to make my snort network the best it
can be considering this topology:

Site1 <-> Primary Site <-> Site 2

I was thinking about having snort on each site, with the primary one
considered as the "monitoring" one, as if it were aggregating data
collected and analysed on distant sites.

Can someone give some advice about this sort of deployment? Is it
possible to configure a network of nids?

Thanks for all the info you can give.

--
Emmanuel Lesouef

------------------------------------------------------------------------------
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




-- 
joel esler | Sourcefire | gtalk: jesler () sourcefire com | 302-223-5974


