Snort mailing list archives

Re: [Manual] How to Make Asus RT-N15U Wireless Router (Tomato by Shibby Firmware) Mirror Traffic to Snort


From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Tue, 8 Apr 2014 15:16:11 +0000

I’ll review it when you get done editing it.


On Apr 7, 2014, at 7:04 PM, Teo En Ming <teo.en.ming () gmail com> wrote:

Updated the manual to version 1.2.

Teo En Ming


On Tue, Apr 8, 2014 at 2:13 AM, Teo En Ming <teo.en.ming () gmail com> wrote:
Updated the manual to version 1.1.

Teo En Ming


On Mon, Apr 7, 2014 at 7:38 PM, Teo En Ming <teo.en.ming () gmail com> wrote:
Dear Snort Team @ Sourcefire,

As some of the information on the http://www.snort.org/docs page pertaining to how to make home routers mirror traffic 
to Snort is outdated, could you publish this manual on the http://www.snort.org/docs page as well?

Please note that the latest dd-wrt v24-SP2 and OpenWRT 12.09 firmwares NO LONGER support mirroring traffic to Snort as 
they are based on the Linux kernel 3.x. The kernel module ipt_ROUTE.ko is *incompatible* with Linux kernel 3.x. The 
ipt_ROUTE source code is only compatible with the Linux kernel 2.6.x.

Please use Tomato by Shibby firmwares if you seriously want to mirror traffic to Snort. Please visit his website at 
http://tomato.groov.pl/. Why do you want to use Tomato by Shibby firmwares if you want to contemplate mirroring traffic 
to Snort? Because Tomato by Shibby firmwares are based on the Linux kernel 2.6.x. The latest is not always the greatest.

After failing to mirror traffic to Snort with the latest dd-wrt and OpenWRT firmwares on my Buffalo WZR-HP-G300NH2 
router, I have FINALLY successfully mirrored traffic to Snort using Tomato by Shibby firmware on my Asus RT-N15U router.

I have wasted a few days and SGD$109 on the Buffalo WZR-HP-G300NH2 wireless router in attempting to mirror traffic to 
Snort. I have wasted a lot of time on the dd-wrt and OpenWRT firmwares. Please DO NOT use the *latest* dd-wrt and 
OpenWRT firmwares if you seriously want to use home routers to mirror traffic to Snort.

I hope I have saved potential Snort users' (who want to use home routers to mirror traffic to Snort) time and money by 
providing valuable advice here.

Please refer to the attached PDF file in this email for the manual which I have just written.

Lastly, and the most important of all, please help me generate some alerts for my Snort IDS virtual machine. My Snort 
IDS is installed in a virtual machine running on Oracle VM VirtualBox. My websites are 
http://www.teo-en-ming.com and http://www.zhang-enming.com

I want to see some alerts appearing on my Snort box, just to make sure my Snort NIDS is fully operational.

Yours sincerely,

Teo En Ming



<How to Make Asus RT-N15U Wireless Router (Tomato by Shibby Fimware) Mirror Traffic to Snort - Version 1.2.pdf>

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
