Snort mailing list archives
help
From: Punam Prasad <spunamprasad () yahoo com>
Date: Wed, 27 Feb 2002 01:24:59 -0800 (PST)
Kindly unsubscribe me from teh snort mailing list. Thanks and Regards Punam --- snort-users-request () lists sourceforge net wrote:
Send Snort-users mailing list submissions to snort-users () lists sourceforge net To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/snort-users
or, via email, send a message with subject or body 'help' to snort-users-request () lists sourceforge net You can reach the person managing the list at snort-users-admin () lists sourceforge net When replying, please edit your Subject line so it is more specific than "Re: Contents of Snort-users digest..." Today's Topics: 1. RE: Workstation or Server in RH 7.2? (Lawler, John) 2. Re: Seg Fault (Chris Green) 3. Second Sensor/NIC and SNMP (Stuart Hall) 4. Re: BPF/libpcap performance, was Re: Seg Fault (Erek Adams) 5. Re: BPF/libpcap performance, was Re: Seg Fault (Ashley Thomas) 6. Re: BPF/libpcap performance, was Re: Seg Fault (Chris Green) 7. Re: BPF/libpcap performance, was Re: Seg Fault (Erek Adams) 8. Re: Interesting traffic... (Ashley Thomas) 9. Re: BPF/libpcap performance, was Re: Seg Fault (Erek Adams) 10. Re: Workstation or Server in RH 7.2? (Demetri Mouratis) 11. Re: Interesting traffic... (Scott Taylor) 12. Re: BPF/libpcap performance, was Re: Seg Fault (Phil Wood) --__--__-- Message: 1 From: "Lawler, John" <John_Lawler () ats-ohio com> To: "'snort-users () lists sourceforge net'" <snort-users () lists sourceforge net> Subject: RE: [Snort-users] Workstation or Server in RH 7.2? Date: Tue, 26 Feb 2002 17:21:08 -0500 I myself use a very stripped down custom install with only the things needed to run snort. The things you would need installed would also depend on if you were running mysql on the box as well for acid etc. -----Original Message----- From: CGI [mailto:synecoro () yahoo ca] Sent: Tuesday, February 26, 2002 4:33 PM To: snort-users () lists sourceforge net Subject: [Snort-users] Workstation or Server in RH 7.2? What installation you are using for Snort in Red Hat, Workstation or Server and why? Thanks
______________________________________________________________________
Find, Connect, Date! http://personals.yahoo.ca _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
--__--__-- Message: 2 To: snort-users () lists sourceforge net Subject: Re: [Snort-users] Seg Fault From: Chris Green <cmg () uab edu> Reply-To: snort-users () lists sourceforge net Date: Tue, 26 Feb 2002 16:38:44 -0600 spyguy703 <spyguy703 () yahoo com> writes:I had same problem with RH 7.2 and built fromsource and things worked ok...Slightly off topic ranting: FWIW and IMHO, run your snort'er on a headless (nox-windows) FreeBSD box.FreeBSD supposedly has the fastest TCPIP stack andwhen you follow the FYI, its BPF/libpcap performance and not TCP stack performance that is the issue when it comes to snort -- Chris Green <cmg () uab edu> Don't use a big word where a diminutive one will suffice. --__--__-- Message: 3 From: "Stuart Hall" <sdenigma () hotmail com> To: Snort-users () lists sourceforge net Date: Tue, 26 Feb 2002 22:40:18 +0000 Subject: [Snort-users] Second Sensor/NIC and SNMP Wondering if anyone had some relevant information for running SNMP with Snort. I see the variables in the snort.conf but I'm not the strongest SNMP user so was hoping there was a nice reference page available (other than the SNMP-readme). Also, my Snort box has been running for several months but I want to add a second NIC and sensor for mysql/demarc. I can get the sensor to register in Demarc but it always binds to the wrong NIC. I have three NIC's, one runnign snort, one internally accessible and one that won't bind. This is on W2K. Any suggestions? Am I missing an mysql step? Thanks, Stuart
_________________________________________________________________
MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx --__--__-- Message: 4 Date: Tue, 26 Feb 2002 15:02:17 -0800 (PST) From: Erek Adams <erek () theadamsfamily net> To: Chris Green <cmg () uab edu> cc: snort-users () lists sourceforge net Subject: Re: [Snort-users] BPF/libpcap performance, was Re: Seg Fault On Tue, 26 Feb 2002, Chris Green wrote:FYI, its BPF/libpcap performance and not TCP stackperformance that is theissue when it comes to snortOk, with that being said, here's a question: Is it worth upgrading to another version of libpcap each time it comes out? Or tracking it's CVS as well? Along those lines, would there be any useful TCP/IP stack parameters to tune/change, or would that just be a waste of effort? ----- Erek Adams Nifty-Type-Guy TheAdamsFamily.Net --__--__-- Message: 5 Date: Tue, 26 Feb 2002 18:10:06 -0500 (EST) From: Ashley Thomas <athomas () unity ncsu edu> To: Erek Adams <erek () theadamsfamily net> cc: Chris Green <cmg () uab edu>, <snort-users () lists sourceforge net> Subject: Re: [Snort-users] BPF/libpcap performance, was Re: Seg Fault
=== message truncated === __________________________________________________ Do You Yahoo!? Yahoo! Greetings - Send FREE e-cards for every occasion! http://greetings.yahoo.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- help Punam Prasad (Feb 27)
- Re: help John Sage (Feb 27)