[Snort-users] Snort behind host's firewall

RoBSD robsd at ...2198...
Fri Jun 8 04:13:45 EDT 2001


Hello,
And sorry if I ask a question that has already a answer on the list!
I want to deploy 4 servers on one collocation center and my servers
will be in one network with servers that are not ours and I don't want
to provide IDS for them. So, if it's possible to configure snort to
not use promiscuous mode and to analyze only packets that pass through
my firewall. I know that I can use "-h IP" but on 2 servers I will
have multiple IP's (more than 20) and for this I will have to add for
every new IP a new configuration! And in the same time I want to spare
same CPU time and only analyze what pass the firewall!

Thank you for your response!

Radu Coroi
  

-- 
Best regards,
 RoBSD                          mailto:robsd at ...2198...





More information about the Snort-users mailing list