[Snort-users] getting snort going to detect any outside access
paul at ...1054...
Tue Jan 2 15:39:51 EST 2001
> 192.168.* ip addresses aren't internet routable, so I'll bet
> you are doing some kind of network address translation before
> your packets get to the WAN interface.
> Try either switching the above to the internal eth0 or use the
> interface ip of the WAN side for the -h .
> The latter is best cause you'll see stuff to your gateway.
Oh wow that was it! I changed HOME_NET to my DSL modem IP and it's alerting
away. Thanks much!
Paul T. Miller | paul at ...1054... | http://www.fxtech.com
More information about the Snort-users