Snort mailing list archives
Segmenting Network Parts
From: "Jan van den Berg" <jan () e-commercepark com>
Date: Thu, 20 Mar 2003 01:13:23 -0400
Hi there, I have a machine with 2 NICs which I want to use as the sensor. I'm thinking of doing this by plugging this box into the switch with one NIC with a read-only cable and/or putting the interface in "stealth" mode (so without an IP). The other NIC I want to use for the management console; so this is where the logs go, the mySQL database will be and stuff as ACID and SnorCenter and is the communication point with the sensor. In another email I received this answer about the stealth mode and that is fine. But this answer raised a couple of other questions though. First how can I make the sensor not to sniff NIC2? Or say I want to sniff different VLANs and not the entire traffic stream how do I go about this? So how do I go about segmenting different network parts off of the sensor? Regards, Jan van den Berg
Current thread:
- Segmenting Network Parts Jan van den Berg (Mar 19)
- Re: Segmenting Network Parts Demetri Mouratis (Mar 20)
- Re: Segmenting Network Parts David Alonso De La Vega Tapage (Mar 21)
- Re: Segmenting Network Parts Erek Adams (Mar 21)
- Re: Segmenting Network Parts David Alonso De La Vega Tapage (Mar 21)
- Re: Segmenting Network Parts Erek Adams (Mar 21)
- Re: Segmenting Network Parts David Alonso De La Vega Tapage (Mar 21)
- Re: Segmenting Network Parts Demetri Mouratis (Mar 20)