Snort mailing list archives
SERVER ADDRESSES
From: "Pratik Kumawat" <pratik.kumawat () matrixcomsec com>
Date: Sun, 23 Oct 2011 11:35:37 +0530
I have a question here... In case, we write $HOME_NET in the variables meant for DNS Server, HTTP Server, SMTP, SQL, TELNET, SNMP, etc, then how does SNORT recognize the actual IP address of the respective servers?? I mean if v have something like # Setup the network addresses you are protecting var HOME_NET 192.168.1.0/24 # Set up the external network addresses. Leave as "any" in most situations var EXTERNAL_NET !$HOME_NET # List of DNS servers on your network var DNS_SERVERS $HOME_NET # List of SMTP servers on your network var SMTP_SERVERS $HOME_NET # List of web servers on your network var HTTP_SERVERS $HOME_NET # List of sql servers on your network var SQL_SERVERS $HOME_NET # List of telnet servers on your network var TELNET_SERVERS $HOME_NET # List of ssh servers on your network var SSH_SERVERS $HOME_NET # List of ftp servers on your network var FTP_SERVERS $HOME_NET then how will SNORT get to know which one is our DNS Server and so on??? Please someone reply asap... Thanks ------------------------------------------------------------------------------ The demand for IT networking professionals continues to grow, and the demand for specialized networking skills is growing even more rapidly. Take a complimentary Learning@Cisco Self-Assessment and learn about Cisco certifications, training, and career opportunities. http://p.sf.net/sfu/cisco-dev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- SERVER ADDRESSES Pratik Kumawat (Oct 22)
- Re: SERVER ADDRESSES Joel Esler (Oct 23)