Snort mailing list archives
Remote packet sniffing?
From: "Michael Bowman" <michaelb () snbt net>
Date: Thu, 24 Jul 2003 13:29:41 -0500
Hello all! I'm one of those "new guys" here with some experience with Linux (though I've had to refresh lately as it's been a while). I'm over our networks here where I work, and it's a distributed place with 7 remote locations connected by frame. I've been asked to monitor the network at every site, something like a packet monitor would fit the bill. I've got Snort up and running on a RH 9 system, loggin to MySQL and with ACID. Besides one other Unix machine, this is the only *nix machine within our organization. So... are there remote Win agents that I can use to collect packets and report them to snort without requiring administrative login? Honestly, I wouldn't need this real time, but just store it and send it to my Linux machine every night for me to look at in th emorning (or I could learn to write rules for Snort and have it do it...) Am I working too hard on this? Thanks guys (and gals?) Michael Bowman
<<attachment: winmail.dat>>
Current thread:
- Remote packet sniffing? Michael Bowman (Jul 24)
- <Possible follow-ups>
- RE: Remote packet sniffing? CMartin (Jul 24)
- FW: Remote packet sniffing? CMartin (Jul 24)