PaulDotCom mailing list archives
snort and honeyd
From: paul at pauldotcom.com (Paul Asadoorian)
Date: Thu, 06 Nov 2008 14:30:52 -0500
Hi David, Just a thought, if you run Snort on the host machine, and its in bridged mode, won't you see all the traffic from the VMs? Cheers, Paul David Grubers wrote:
I've got a honeyd server with about 5 virtual machines, with snort running on the host. Can anyone give some wisdom on configuring snort to generate alerts for all the IPs (they are sequential) instead of just the host box? Thanks, David _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-- Paul Asadoorian PaulDotCom Enterprises Web: http://pauldotcom.com Phone: 401.829.9552 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 257 bytes Desc: OpenPGP digital signature Url : http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20081106/3bb1f9fc/attachment.pgp
Current thread:
- snort and honeyd David Grubers (Nov 05)
- snort and honeyd Joel Esler (Nov 06)
- snort and honeyd Paul Asadoorian (Nov 06)
- snort and honeyd David Grubers (Nov 09)
- snort and honeyd Paul Asadoorian (Nov 11)
- snort and honeyd David Grubers (Nov 09)