[Snort-users] snort behind firewall - good?

Jed Haile hailjt at ...1871...
Sun Apr 22 10:28:51 EDT 2001


This should work. I have never tried it.  If you're using ipchians or
iptables, these live in kernal space, and libpcap will capture the packets
before the firewall gets an opportunity to see them.

I would prefer separate machines, but if you haven't got the resources then
this is better than nothing...

Jed



----- Original Message -----
From: "dotslash" <dotslash at ...1760...>
To: "Snort" <snort-users at lists.sourceforge.net>
Sent: Sunday, April 22, 2001 5:04 AM
Subject: [Snort-users] snort behind firewall - good?


> this maybe obvious to all of you but i just want to find out if it's
> advisable to install a firewall in the same box as snort is installed.
will
> i be missing things if i do it this way like portscans and all that?
>
>
> regards,
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>





More information about the Snort-users mailing list