Snort mailing list archives
RE: snort & acid how-to
From: Steve Halligan <agent33 () geeksquad com>
Date: Wed, 21 Nov 2001 11:57:03 -0600
Check out: http://www.andrew.cmu.edu/~rdanyliw/snort/snortacid.html It is chock full o' answers to all of you DB/ACID related questions. INSIDE or OUTSIDE depends on what you are hoping to detect. INSIDE you can see what you internal users are doing and see outside traffic that made it inside. OUTSIDE you can see inside traffic that made it out and outside traffic BEFORE it gets filtered by your firewall/nat box/ipchain/ipfilters/etc. -Steve i installed snort 1.7 on my FBSD machine...seems to be running ..however ...in the snort.conf ...i had it ( for the moment ) log to syslog... question 1 is ....how do i OR is there a good "how-to " on getting snort to work with mysql ...and acid ? question 2 is ...I have it running on the INSIDE interface ( the box is doing NAT) should i be running it on the inside or outside interface ?? any and all help is GREATLY appreciated. :-) thanx Brent _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort & acid how-to Brent (Nov 21)
- Re: snort & acid how-to Arvind Clemente (Nov 21)
- <Possible follow-ups>
- RE: snort & acid how-to Steve Halligan (Nov 21)