Snort mailing list archives
RE: Var Home_Net and NIC talk prob
From: "Willy, Andrew" <AWilly () eSMIL net>
Date: Wed, 17 Aug 2005 08:56:18 -0700
You're working with software and documentation that assumes you're familiar with basic networking. I suggest beginning with general TCP/IP and Ethernet before going onto to IDS. There are countless resources online. Andrew -----Original Message----- From: Banshee [mailto:banshee6670 () tin it] Sent: Wednesday, August 17, 2005 8:47 AM To: snort-users () lists sourceforge net Subject: [Snort-users] Var Home_Net and NIC talk prob Hello all, I am trying to install snort following a guide that is on winsnort:(http://www.winsnort.com/modules.php?op=modload&name=Sections&file= index&req=printpage&artid=5). I have installed apache,installed and configured php, tested apache and php and installed winpcap and snort ok.Now I am stuck. I need enter my ip in var home_net but I dont know what to enter there as I have dynamic ip. Quote: ---- To monitor a single host, with an IP of 192.168.171.129 Change: var HOME_NET 192.168.171.129/32 Note: You could also use: Change: var HOME_NET 192.168.171.129 To monitor a class C Network with an IP of 192.168.171.x, and a subnet of 255.255.255.x Change: var HOME_NET 192.168.171.129/24 To monitor a class B network with an IP of 192.168.x.x, and a subnet of 255.255.x.x Change: var HOME_NET 192.168.171.129/16 To monitor a class A Network with an IP of 192.x.x.x, and a subnet of 255.x.x.x Change: var HOME_NET 192.168.171.129/8 ---------------end of quote----------- What are those 32,24,16,8 at the end of the ips ? and what is a subnet. How do I know which ones to add to my dynamic ips ? I have no clue.... Quote: ----------- Testing the Snort installation [clip] At the command prompt '>' type: snort -W [clip] Connect the sensor to the network using the preferred Network Interface Card (NIC) and make sure that the web can be browsed. -----------end of quote How would I do that ? I dont even know what/where my NIC is. Any help appreciated. Luca S. ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users NOTICE OF CONFIDENTIALITY-The information in this email, including attachments, may be confidential and/or privileged and may contain confidential health information. This email is intended to be reviewed only by the individual or organization named as addressee. If you have received this email in error please notify Scottsdale Medical Imaging, an affiliate of Southwest Diagnostic Imaging, LTD immediately - by return message to the sender or to support () esmil com - and destroy all copies of this message and any attachments. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of Scottsdale Medical Imaging. Confidential health information is protected by state and federal law, including, but not limited to, the Health Insurance Portability and Accountability Act of 1996 and related regulations. ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Var Home_Net and NIC talk prob Banshee (Aug 17)
- <Possible follow-ups>
- RE: Var Home_Net and NIC talk prob Willy, Andrew (Aug 17)