Snort mailing list archives
Listening openVPN
From: Andre Rodier <andre.rodier () red2 co uk>
Date: Sun, 06 Dec 2009 16:41:33 +0000
Hello everybody, After googling around, I can'f find any answer to my question. Is it possible to configure snort to listen on the virtual network adapter of OpenVPN (tap0) ? I have tried to configure snort to do this, but apparently this fail: var HOME_NET [10.10.1.0/24,192.168.0.0/24] 10.10.1/24 is the vpn network address, while 192.168.0.x is the physical network. I use nmap to start a portscan, and the result is accurate on both interfaces. However, the only logs from Snort I have are coming from the physical network interface 192.168.0.0/24, Do I have to do something special to authorise snort to listen this virtual interface ? Thanks. ------------------------------------------------------------------------------ Join us December 9, 2009 for the Red Hat Virtual Experience, a free event focused on virtualization and cloud computing. Attend in-depth sessions from your desk. Your couch. Anywhere. http://p.sf.net/sfu/redhat-sfdev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Listening openVPN Andre Rodier (Dec 06)
- Re: Listening openVPN Matt Olney (Dec 06)
- Re: Listening openVPN Nigel Houghton (Dec 06)
- Re: Listening openVPN Andre Rodier (Dec 06)
- Re: Listening openVPN Andre Rodier (Dec 06)
- Re: Listening openVPN Nigel Houghton (Dec 06)
- Re: Listening openVPN Matt Olney (Dec 06)