Distributed Snort possibility?

[turki <turki_00 () yahoo com>]

Hi

I am new to Snort and I have these totally newbies questions:

1- Can Snort monitors remote network traffic. meaning Snort is installed in
 a local network and it needs to monitor/capture packets from remote 
network. is this possible? (I am not sure where should Snort sensor be 
installed in this case in the local network or in the remote network?)

2- If I have 2 separate machines in the same network, each run its own Snort. can they (both) log alerts into the same 
MySql db? (shared db for multiple Snort instances?)

3- same scenario as question 2 (above), can the two Snort machines share the same rules between them?

Thank you,


------------------------------------------------------------------------------
Oracle to DB2 Conversion Guide: Learn learn about native support for PL/SQL,
new data types, scalar functions, improved concurrency, built-in packages, 
OCI, SQL*Plus, data movement tools, best practices and more.
http://p.sf.net/sfu/oracle-sfdev2dev

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users