Snort mailing list archives
Re: running snort as packet logger and nids simultaneously
From: Metal Gear <finattack () gmail com>
Date: Tue, 7 Jun 2005 17:02:39 +0500
Thanks, On 6/7/05, Joel Esler <eslerj () gmail com> wrote:
Either way you're going to end up with the same result. Write three rules alert tcp any any -> any any (msg:"TCP Capture";) alert udp any any -> any any (msg:"Udp capture";) alert icmp any any -> any any (msg:"ICMP capture";) then restart snort. On 6/7/05, Metal Gear <finattack () gmail com> wrote:the reasone i opted for that is due to very small size of the networki.eonly 5 computers on that.-- Joel Esler BASE Project Lead http://sourceforge.net/projects/secureideas
Current thread:
- running snort as packet logger and nids simultaneously Metal Gear (Jun 07)
- Re: running snort as packet logger and nids simultaneously Joel Esler (Jun 07)
- Re: running snort as packet logger and nids simultaneously Metal Gear (Jun 07)
- Re: running snort as packet logger and nids simultaneously Joel Esler (Jun 07)
- Re: running snort as packet logger and nids simultaneously Metal Gear (Jun 07)
- Message not available
- Message not available
- Re: running snort as packet logger and nids simultaneously Metal Gear (Jun 07)
- Re: running snort as packet logger and nids simultaneously Bamm Visscher (Jun 07)
- Message not available
- Re: running snort as packet logger and nids simultaneously Metal Gear (Jun 08)
- Re: running snort as packet logger and nids simultaneously Metal Gear (Jun 07)
- Re: running snort as packet logger and nids simultaneously Joel Esler (Jun 07)