[Snort-users] Snort basic questions
fygrave at ...121...
Sun Jun 10 08:41:04 EDT 2001
On Sun, Jun 10, 2001 at 12:07:56PM +0100, Effi Baruch wrote:
> I have some basic questions about the Snort:
> 1. Can I send syslogs with it to another computer ? If yes, how can it be
> done ?
in your /etc/syslog.conf:
Snortsyslog level is the facility.level which snort does logging with.
> 2. What is the maximum amount of traffic it can handle ?
Depends on your CPU power/ram..
> 3. Can I listen to traffic and examine it without logging it (using only the
> alert option) ? If yes, how can it be done ?
> 4. I saw there is a list of rules I can use (DoS etc.). If I want to use
> them all, should I need to copy it to a single rules file ?
use snort.conf, it includes them all.
PGP fingerprint = 56DD 1511 DDDA 56D7 99C7 B288 5CE5 A713 0969 A4D1
More information about the Snort-users