Snort mailing list archives
Snort Setup Suggestions? *NEWBIE QUESTION*
From: "Charles Hamby" <fixer () gci net>
Date: Mon, 12 Aug 2002 09:10:15 -0800
I'm getting readying to helping the sysadmin from my college setup a Snort sensor (Win32), and I'd like to get some input. The network Snort's being installed on is non-firewalled (I know, I know, I've been arguing with him about this for a year, but to no avail) Win2k domain. Neither of us know enough about Linux to know with a Linux version, so I've decided on the win32 distro. They're using an entirely switched network, so since getting a tap would cost money (which they don't have), we're looking at setting up the Snort sensor at the network ingress point. The only problem I have is that doing so will require adding IIS in order to view the logs (can you say security hole?) unless the sysadmin wants to walk down to the comm. Closet several times a day to check the snort logs (doubtful). Does anyone know of another way around this (as you can tell, I'm really new to Snort). Thanks! -Charles
Current thread:
- Snort Setup Suggestions? *NEWBIE QUESTION* Charles Hamby (Aug 12)
- Re: Snort Setup Suggestions? *NEWBIE QUESTION* Christopher Cook (Aug 12)
- <Possible follow-ups>
- RE: Snort Setup Suggestions? *NEWBIE QUESTION* McCammon, Keith (Aug 12)