RE: I need help with network address setup

["Steve Jacobsen" <steve () ECI-EQUITY COM>]

Here's the basic setup.

Internet -- Router -- Hub -- Firewall -- Switch -- Internal hosts
                       |
                     Snort

I have the snort machine plugged into the hub inbetween the router and
firewall. I'm just assuming that my configuration file or command line
is wrong.

Here is my command line C:\Snort\snort.exe -c "C:\Snort\snort.conf" -l
"C:\Snort\log" -A full -h xxx.xxx.xxx.64/27 -i 1 -a -d



/steve 

-----Original Message-----
From: Scott Nursten [mailto:scottn () s2s ltd uk] 
Sent: Tuesday, July 30, 2002 8:41 AM
To: Steve Jacobsen; snort-users () lists sourceforge net
Subject: Re: [Snort-users] I need help with network address setup


Hey Steve, 

Could you tell us a little more about your config. If, for instance,
your network is using 3com switches and you have your sensor plugged
into the switch with no taps / span configs you won't be receiving
traffic for the network on the sensor. :)

Now, the above is (of course) purely hypothetical (and I'm sure this
isn't the case), but without an idea of the physical layout (whether the
IDS is inline or SPAN'd etc) and anything else pertinent to dumping
traffic on the segment(s), we (well certainly I) can't be of much use.


Kind Regards, 

-- 
Scott Nursten
--------------------------
S2S Limited
T: 01444 232 742
F: 01444 232 061
M: 07786 864 976
W: http://s2s.ltd.uk
E: scottn () s2s ltd uk
--------------------------




-------------------------------------------------------
This sf.net email is sponsored by: Dice - The leading online job board
for high-tech professionals. Search and apply for tech jobs today!
http://seeker.dice.com/seeker.epl?rel_code1
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users