Snort mailing list archives

Re: Probably a Dumb Question


From: Steve Thompson <stevet () copper net>
Date: Tue, 9 Aug 2016 07:45:24 -0400

Thank you for the reply, especially for the manual links.

ClearOS 6 implements snort from its marketplace. I will have to 
do a bit of work to modify the configuration. So I will be 
reading for a while. However, in my opinion, Clear Foundation 
doesn't do such a great job of documenting...

Regards,
Steve.T



On 08/08/2016 08:47 PM, Al Lewis (allewi) wrote:
Hello,

Snort is alerting off of the traffic it sees. It's up to the user to set snort up so that the traffic it sees 
makes sense (this is called IDS tuning).

You may want to take a look at the manual. A good place would be to start here: 
http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node6.html


One of your very first steps should be to set up your HOME_NET and EXTERNAL_NET

http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node16.html#SECTION00312000000000000000



Good Luck.

Albert Lewis
ENGINEER.SOFTWARE ENGINEERING
SOURCEfire, Inc. now part of Cisco
Email: allewi () cisco com
<SNIPPAGE>
