[Snort-users] snort behind firewall ??
centiped at ...1832...
Thu Apr 26 18:53:58 EDT 2001
Don't know, guys, really.
I run snort on the same linux machine I use ipchains.
I configured it to serve and protect my ppp0 interface.
Until today, it has alerted me of nothing but an ICMP scan, thanks to
The moment I remove ipchains, snort usually begins its barking.
And of course I heavily tested it with self initiated scannings.
My conclusion, and of course your remarks are more than welcomed, is that
snort DO NOT see packets blocked by ipchains.
p.s - as I said, I'd be extremely happy of course if any of you could
show me otherwise.
More information about the Snort-users