Snort mailing list archives
Re: Snort + ipchains
From: John Sage <jsage () finchhaven com>
Date: Sun, 3 Mar 2002 21:08:48 -0800
Ashley: If I've understood your question correctly, yes, snort will see packets that are DENY'ed by ipchains *if* snort is running on the same box as ipchains. That's exactly what I'm doing, and snort sees everything ipchains does. If snort is off on another box, behind the ipchains box, it's another matter entirely. HTH.. - John -- Most people don't type their own logfiles; but, what do I care? On Sun, Mar 03, 2002 at 08:35:05PM -0500, Ashley Thomas wrote:
hi, I need to run snort inside the firewall as well as outside it. I need to run outside to know the attacks which cannot make it thru the firewall. So if i run snort on the same machine , will snort see the packets which are blocked by the firewall (ipchains). thanks ashley
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort + ipchains Ashley Thomas (Mar 03)
- Re: Snort + ipchains John Sage (Mar 03)