Snort mailing list archives
Re: Snort Deployment
From: Joe Pampel <jpampel () paladyne com>
Date: Mon, 3 May 2010 06:50:58 -0400
If your budget allows, the most flexible solution is a tap. Otherwise if you have a switch outside the firewall see if it supports span ports. You would span the port which represents the traffic you are trying to watch. You need a snort sensor with 2 interfaces (min) one is ip'd and for management, the other is unnumbered and will connect to the span port. There are other ways, but there are two to get you started. Joe On May 3, 2010, at 4:38 AM, "Kum Weng Luey" <kumwengluey () gmail com> wrote:
Hi guys, I have been trying out snort for quite some time now and it works great. I do want to try implementing snort in a live environment but am kinda clueless how. I want to sniff for traffic before it hits the firewall and enters the internal network. What would be the most optimal setup for the PC and how many interfaces do I need? Hope to get some advice. Thanks a lot. Regards, KW <ATT00001..txt> <ATT00002..txt>
The information contained in this correspondence is intended solely for the person or entity entitled to receive the confidential and/or privileged material that it may contain. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, the information in this correspondence (including any attachments) by anyone other than the intended recipient is strictly prohibited. If you believe that you may not be the intended recipient, please destroy and/or delete this correspondence and the attachment(s). ------------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort Deployment Kum Weng Luey (May 03)
- Re: Snort Deployment Joe Pampel (May 03)
- Re: Snort Deployment Joel Esler (May 03)
- Re: Snort Deployment akos . daniel (May 03)
- Re: Snort Deployment Joe Pampel (May 03)
- Re: Snort Deployment Joel Esler (May 03)
- Re: Snort Deployment Kum Weng Luey (May 03)
- Re: Snort Deployment JJ Cummings (May 04)
- Re: Snort Deployment akos . daniel (May 03)