Snort mailing list archives

Re: Router, Firewall, Snort on one system?

From: Alejandro Flores <alejandrorflores () gmail com>
Date: Wed, 15 Dec 2004 09:25:12 -0300

Hello Marius,

Hi,
how good/bad is to have Snort running on Router/Firewall? What would
be the best topology for small network (~10PC)?


I see no problem, as you don't have a huge traffic to analyse. If you
do NAT, run 2 instances of Snort, one for each interface. When you do
NAT and run your snort on the external interface only, you'll never
know what desktop on your lan is 'disturbing the peace', cause you'll
always see the NATed ip address.

Regards,
Alejandro


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Router, Firewall, Snort on one system? Marius Janusaitis (Dec 15)
- Re: Router, Firewall, Snort on one system? Alejandro Flores (Dec 15)