[Snort-users] Clueless in Toronto
rstryker at ...7794...
Wed Dec 18 08:32:04 EST 2002
I have installed SNORT 1.8x on a W2K Server. No service packs as yet because i am just testing the waters with it. There are 2 NICs.
I can seem to figure out how to implement it now that it is running. I figure I will put it behind my firewall. But how do i force traffic to go through one NIC on the server and out through the other? Do i even need to do this, is one NIC enough to perform NIDS? I had SNORT doing sniffing but it only tracked the local computer's traffic and nothing else.
I have SNORTSNARF installed to see the reports but when I seem to have SNORT running I can't find the log files. I want SNORT setup for NIDS.
All help is greatly appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users