[Snort-users] Snort behind host's firewall
robsd at ...2198...
Fri Jun 8 04:13:45 EDT 2001
And sorry if I ask a question that has already a answer on the list!
I want to deploy 4 servers on one collocation center and my servers
will be in one network with servers that are not ours and I don't want
to provide IDS for them. So, if it's possible to configure snort to
not use promiscuous mode and to analyze only packets that pass through
my firewall. I know that I can use "-h IP" but on 2 servers I will
have multiple IP's (more than 20) and for this I will have to add for
every new IP a new configuration! And in the same time I want to spare
same CPU time and only analyze what pass the firewall!
Thank you for your response!
RoBSD mailto:robsd at ...2198...
More information about the Snort-users