[Snort-users] what to do with dynamic ip hosts
emf at ...367...
Mon Oct 2 09:27:25 EDT 2000
On Sun, Oct 01, 2000 at 10:19:57PM -0400, Douglas F. Elznic wrote:
> I am going to run snort on my firewall that is hooked up to a cable
> connection. I am trying to use the rule set you can create on the web page. But
> it needs the ip of the computer it is on. My ip changes due to the dhcp lease.
> Is there a way to have it listen to interface eth0 instead of the ip address of
you can use "any" instead of your local address. You can run snort in
non-promiscuous mode (since it's a firewall, it's going to be passing all
the packets anyway...) and you can specify the interface to listen on with
a command line flag.
Security Administrator, ServerVault, Inc.
More information about the Snort-users