[Snort-sigs] Snort conf file

Paul Schmehl pauls at ...1311...
Mon Oct 17 08:25:35 EDT 2005


--On Tuesday, October 11, 2005 11:11:38 +0530 "U.Chandrasekar" 
<chandrau at ...3165...> wrote:

> Hi,
>
> Thanks for your valuable information. now i can start snort.can i make
> snort ids to scan only my internal network and give reports through acid
> viewer.
>
Snort doesn't "scan" anything.  It's a passive detection device.  It's 
important to understand this, because snort will only see traffic that 
passes by its network interface.

ACID is deprecated.  Use BASE instead.  http://secureideas.sourceforge.net/

BASE was built from the ACID codebase.

Paul Schmehl (pauls at ...1311...)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/ir/security/




More information about the Snort-sigs mailing list