Snort mailing list archives
Re: Snort basic questions
From: Fyodor <fygrave () tigerteam net>
Date: Sun, 10 Jun 2001 19:41:04 +0700
On Sun, Jun 10, 2001 at 12:07:56PM +0100, Effi Baruch wrote:
Hi, I have some basic questions about the Snort: 1. Can I send syslogs with it to another computer ? If yes, how can it be done ?
in your /etc/syslog.conf: snortsyslog.level @hostname Snortsyslog level is the facility.level which snort does logging with.
2. What is the maximum amount of traffic it can handle ?
Depends on your CPU power/ram..
3. Can I listen to traffic and examine it without logging it (using only the alert option) ? If yes, how can it be done ?
-N option.
4. I saw there is a list of rules I can use (DoS etc.). If I want to use them all, should I need to copy it to a single rules file ?
use snort.conf, it includes them all. -- http://www.notlsd.net PGP fingerprint = 56DD 1511 DDDA 56D7 99C7 B288 5CE5 A713 0969 A4D1 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort basic questions Effi Baruch (Jun 10)
- Re: Snort basic questions Fyodor (Jun 10)