[Snort-users] snort behind firewall - good?
hailjt at ...1871...
Sun Apr 22 10:28:51 EDT 2001
This should work. I have never tried it. If you're using ipchians or
iptables, these live in kernal space, and libpcap will capture the packets
before the firewall gets an opportunity to see them.
I would prefer separate machines, but if you haven't got the resources then
this is better than nothing...
----- Original Message -----
From: "dotslash" <dotslash at ...1760...>
To: "Snort" <snort-users at lists.sourceforge.net>
Sent: Sunday, April 22, 2001 5:04 AM
Subject: [Snort-users] snort behind firewall - good?
> this maybe obvious to all of you but i just want to find out if it's
> advisable to install a firewall in the same box as snort is installed.
> i be missing things if i do it this way like portscans and all that?
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
More information about the Snort-users