Snort mailing list archives
Re: Snort with Acid : Network
From: "j" <jai.s () net4india net>
Date: Tue, 27 Aug 2002 20:38:53 +0530
Hi, Jeff:
just out of curiosity, and possibly slightly OT, what does the "22" in
home net
do? i've only seen 8/16/24/32. how would 22 work?
/22 is supernetting. 255.255.252.0
What type of network layer device are you plugged into?? Sounds like you have snort plugged into a switch. Which would explain why you are only seeing traffic to/from the snort box.
All the switch are in cascade form. one switch is connected to other, there is no vlan configured. There are 3 switch ports 24 each, all the machine are connected with to unstructured or unorganized ip address.. Which includes router, which is in one of the switch, the linux box with snort is in suppose A Switch. And my snort box, is not detecting portscan, from one machine to another, which is in same switch I think i have to place the snort in proper place, but i am not able to figure out where ?? j ----- Original Message ----- From: Jon Quiros <jquiros () teahead net> To: <snort-users () lists sourceforge net> Sent: Tuesday, August 27, 2002 7:42 PM Subject: Re: [Snort-users] Snort with Acid : Network
"Wirth, Jeff" wrote:From: j [mailto:jai.s () net4india net]Hi, I have configured snort with mysql, acid. successfully in linux box. In the configuration i have specified var HOME_NET x.x.x.x/22 var EXTERNAL_NET anyjust out of curiosity, and possibly slightly OT, what does the "22" in
home net
do? i've only seen 8/16/24/32. how would 22 work? ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort with Acid : Network j (Aug 27)
- Re: Snort with Acid : Network Joe Dauncey (Aug 27)
- <Possible follow-ups>
- RE: Snort with Acid : Network Wirth, Jeff (Aug 27)
- Re: Snort with Acid : Network Jon Quiros (Aug 27)
- Re: Snort with Acid : Network j (Aug 27)
- Re: Snort with Acid : Network Jon Quiros (Aug 27)
- RE: Snort with Acid : Network McCammon, Keith (Aug 27)
- RE: Snort with Acid : Network McCammon, Keith (Aug 27)