Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Newbie question.

From: "skop d'skop" <skop () visto com>
Date: Wed, 13 Jun 2001 17:48:25 -0700
hi 
from my experience.

          ---
   A-----|IDS|----B
          ---
  IDS - running Snort on OpenBSD
  A - intel NIC with no IP (0.0.0.0) connecting ofter firewall
  B - connect to my machine (only my machine can acess this IDS box - ssh only)

1. i would be able to sniff the traffic after the firewall.
2. only my machine is able to log in with ssh
3. only port 22 is open.
4. i will need to try for some web report (still figuring out beside snortsnarf)


-skop





-----Original Message-----
From:    Julio Jaime jjaime () ticket-accor com ar
Sent:    Wed, 13 Jun 2001 17:34:49 -0300
To:      snort-users () lists sourceforge net
Subject: [Snort-users] Newbie question.


Hello list,

I want access to the reports generated by snort2html in safe form, from my
LAN.

I read the FAQ, but have doubts respect where to install Snort.
       
A )Install a machine with two boards, one without IP in promiscuo mode,
connected to hub where this Internet, the other board connected to one dmz
in the firewall. 

Or 

B )Install a machine with two boards, one without IP in promiscuo mode,
connected to hub where this Internet, the other board connected the LAN. 


Thanks a lot.


=======================================
Julio Jaime
Jefe de Tecnologia
Accor Services - Servicios Ticket S.A.
Av. Díaz Vélez 4367
(C1200 AAK) Bs. As. - Argentina
Tel.:  (54-11) 4909-1375
Fax.: (54-11) 4909-1394
jjaime () ticket-accor com ar
www.ticket-accor.com.ar
=======================================

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?listžort-users



___________________________________________________________________________
Visit http://www.visto.com/info, your free web-based communications center.
Visto.com. Life on the Dot.


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: