[Snort-users] Configuration issue, Part II
erek at ...577...
Mon Sep 24 06:35:03 EDT 2001
On Mon, 24 Sep 2001, Greg Sarsons wrote:
> Okay I've got snort running collecting a big binary dump file and not
> doing anything else but it is on a machine running iptables (the dump
> file will be looked at latter on another machine). So is it the case
> that much of the traffic will be killed by iptables even if snort is
> running in promiscuous mode?
> Does that mean that I have to take down my iptables firewall to collect
Yes. To make it simpler, put snort on a box by itself. Set it outside your
firewall with a recieve only cable and no IP on the interface. All will be
More information about the Snort-users