[Snort-users] A Question about the Conception
dr at ...381...
Mon Oct 9 04:38:04 EDT 2000
On Sun, 08 Oct 2000, Alexandre Soares wrote:
> Sorry guys, I'm have a machine running classical internet services, like
> as www, smtp, and so on, this machine is working in a big provider, to
> improve the security this machine run too a Linux firewall, this firewall
> tell me only what pass and what packet not passed, but I see in the snort a
> big light, because I can see the signature of the atack or eventual mistake.
> But when running this solution in my machine the fact I seen all network,
> what I can do to analyze only my machine, bechause the addres is based in
> cidr not in ip, sorry for my stupid question and my poor english too.
Snort addresses take CIDR netmasks.... so you could say 192.168.0.0/16 for the
the value of $HOME_NET.
Dragos Ruiu <dr at ...50...> dursec.com ltd. / kyx.net - we're from the future
gpg/pgp key on file at wwwkeys.pgp.net
More information about the Snort-users