Snort mailing list archives
RE: snort question
From: "tony cowling" <tonycowling () sympatico ca>
Date: Sat, 19 Feb 2005 09:02:21 -0500
I hear you Jason I am in the same boat. Its tough to balance maintaining a reliable productive network without totally shutting of the outside world. I have to say I am only as far as using a good NAT PAT firewall, VPN access for any-one who wants access from outside and just recently the bleeding edge rules to try and help monitor my worst offenders. I run Snort on a static IP machine just inside my NAT firewall but before my first switch, I am only interested in traffic to and from the Internet. I do not know if you understand the problem you will have if you want to monitor traffic divided by switched ports, if not I will try to help. -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Jason Warren Sent: Friday, February 18, 2005 11:34 PM To: snort-users () lists sourceforge net Subject: Re: [Snort-users] snort question Mainly detection of break in attempts, bad logins, etc. We are a small business so I do not really care about what is going out. (unfortunately our sales guy already showed me the porn he looks up..... ) question on one of those taps i was apparently offered " a sweet deal " on. does that allow me to monitor my LAN and my servers that are out side the FW? i am not familiar with those devices. thanks! tony cowling wrote:
Hi Jason. What are you trying to achieve? -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Jason Warren Sent: Friday, February 18, 2005 2:48 PM To: snort-users () lists sourceforge net Subject: [Snort-users] snort question Curious on where snort would do its job better. t1 - switch - web server dns server firewall - LAN should i put snort on a box that has its own IP or on my LAN behind the firewall? thanks! jason warren ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Jason Warren IT Manager/Customer Relations Zotz Digital - Apple Pro Video/Audio Reseller 541.472.9522 - http://www.zotzdigital.com ------------------------------------------------------ Join the Zotz Discussion List. email: zotz-list-request () zotzdigital com with the word 'subscribe' in the email body. ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort question Jason Warren (Feb 19)
- <Possible follow-ups>
- RE: snort question Harper, Patrick (Feb 19)
- Re: snort question Jason Warren (Feb 19)
- RE: snort question Blair Woodmansee (Feb 19)
- RE: snort question Harper, Patrick (Feb 19)
- RE: snort question Ballard, Sean (HHS/OS) (Feb 19)
- RE: snort question Harper, Patrick (Feb 19)
- Re: snort question Jason Warren (Feb 19)
- RE: snort question Patrick S. Harper (Feb 19)
- RE: snort question tony cowling (Feb 19)
- RE: snort question Jim Hendrick (Feb 19)