Snort mailing list archives
RE: Snort behind host's firewall
From: "Jason Lewis" <jlewis () jasonlewis net>
Date: Fri, 8 Jun 2001 20:16:40 -0400
You are in luck. I just finished a paper that might help. http://www.packetnexus.com/docs/packetnexus/NIDS_Placement.pdf Jason Lewis http://www.packetnexus.com It's not secure "Because they told me it was secure". The people at the other end of the link know less about security than you do. And that's scary. -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net]On Behalf Of RoBSD Sent: Friday, June 08, 2001 4:14 AM To: snort-users () lists sourceforge net Subject: [Snort-users] Snort behind host's firewall Hello, And sorry if I ask a question that has already a answer on the list! I want to deploy 4 servers on one collocation center and my servers will be in one network with servers that are not ours and I don't want to provide IDS for them. So, if it's possible to configure snort to not use promiscuous mode and to analyze only packets that pass through my firewall. I know that I can use "-h IP" but on 2 servers I will have multiple IP's (more than 20) and for this I will have to add for every new IP a new configuration! And in the same time I want to spare same CPU time and only analyze what pass the firewall! Thank you for your response! Radu Coroi -- Best regards, RoBSD mailto:robsd () softhome net _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort behind host's firewall RoBSD (Jun 08)
- RE: Snort behind host's firewall Jason Lewis (Jun 08)
- <Possible follow-ups>
- RE: Snort behind host's firewall Hawrylkiw, Dan G (Jun 08)