Snort mailing list archives
question about using SNORT to look at multiple NICs on one system
From: "Jacobi, Michael W CIV NSWCCD Philadelphia, 10432" <michael.jacobi1 () navy mil>
Date: Tue, 11 Aug 2015 15:45:51 +0000
All - After a reorganization of our snort sensors, we have one system that is looking at traffic on multiple NICs and I seem to be seeing detects on only one of them and I am trying to find why. Before the change, the sensors at these locations were generating alerts. Currently, there are SNORT instances on this system for each of the NICs in question and a quick TCPDUMP shows that all of the interfaces are seeing traffic. Besides having a SNORT instance on this system for each NIC we want to monitor, Is there anything else that I need to do to make this work (we are currently using BARNYARD2 to get the alerts to a central database)? Mike Jacobi NSWC Philadelphia PA ------------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- question about using SNORT to look at multiple NICs on one system Jacobi, Michael W CIV NSWCCD Philadelphia, 10432 (Aug 11)
- Re: question about using SNORT to look at multiple NICs on one system waldo kitty (Aug 11)
- Re: question about using SNORT to look at multiple NICs on one system Jacobi, Michael W CIV NSWCCD Philadelphia, 10432 (Aug 12)
- Re: question about using SNORT to look at multiple NICs on one system waldo kitty (Aug 12)
- Re: question about using SNORT to look at multiple NICs on one system Jacobi, Michael W CIV NSWCCD Philadelphia, 10432 (Aug 12)
- Re: question about using SNORT to look at multiple NICs on one system waldo kitty (Aug 11)