[Snort-users] help

Punam Prasad spunamprasad at ...131...
Wed Feb 27 01:26:02 EST 2002


Kindly unsubscribe me from teh snort mailing list.

Thanks and Regards

Punam

--- snort-users-request at lists.sourceforge.net wrote:
> Send Snort-users mailing list submissions to
> 	snort-users at lists.sourceforge.net
> 
> To subscribe or unsubscribe via the World Wide Web,
> visit
> 
>
https://lists.sourceforge.net/lists/listinfo/snort-users
> or, via email, send a message with subject or body
> 'help' to
> 	snort-users-request at lists.sourceforge.net
> 
> You can reach the person managing the list at
> 	snort-users-admin at lists.sourceforge.net
> 
> When replying, please edit your Subject line so it
> is more specific
> than "Re: Contents of Snort-users digest..."
> 
> 
> Today's Topics:
> 
>    1. RE: Workstation or Server in RH 7.2? (Lawler,
> John)
>    2. Re: Seg Fault (Chris Green)
>    3. Second Sensor/NIC and SNMP (Stuart Hall)
>    4. Re: BPF/libpcap performance, was Re: Seg Fault
> (Erek Adams)
>    5. Re: BPF/libpcap performance, was Re: Seg Fault
> (Ashley Thomas)
>    6. Re: BPF/libpcap performance, was Re: Seg Fault
> (Chris Green)
>    7. Re: BPF/libpcap performance, was Re: Seg Fault
> (Erek Adams)
>    8. Re: Interesting traffic... (Ashley Thomas)
>    9. Re: BPF/libpcap performance, was Re: Seg Fault
> (Erek Adams)
>   10. Re: Workstation or Server in RH 7.2? (Demetri
> Mouratis)
>   11. Re: Interesting traffic... (Scott Taylor)
>   12. Re: BPF/libpcap performance, was Re: Seg Fault
> (Phil Wood)
> 
> --__--__--
> 
> Message: 1
> From: "Lawler, John" <John_Lawler at ...5105...>
> To: "'snort-users at lists.sourceforge.net'"
> 	 <snort-users at lists.sourceforge.net>
> Subject: RE: [Snort-users] Workstation or Server in
> RH 7.2?
> Date: Tue, 26 Feb 2002 17:21:08 -0500
> 
> I myself use a very stripped down custom install
> with only the things needed
> to run snort.  The things you would need installed
> would also depend on if
> you were running mysql on the box as well for acid
> etc.
> 
> 
> -----Original Message-----
> From: CGI [mailto:synecoro at ...4554...] 
> Sent: Tuesday, February 26, 2002 4:33 PM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] Workstation or Server in RH
> 7.2?
> 
> What installation you are using for Snort in Red
> Hat,
> Workstation or Server and why?
> 
> 
> Thanks
> 
> 
>
______________________________________________________________________
> 
> Find, Connect, Date! http://personals.yahoo.ca
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or
> unsubscribe:
>
https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
>
http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 
> 
> --__--__--
> 
> Message: 2
> To: snort-users at lists.sourceforge.net
> Subject: Re: [Snort-users] Seg Fault
> From: Chris Green <cmg at ...671...>
> Reply-To: snort-users at lists.sourceforge.net
> Date: Tue, 26 Feb 2002 16:38:44 -0600
> 
> spyguy703 <spyguy703 at ...131...> writes:
> 
> > I had same problem with RH 7.2 and built from
> source and things worked ok...
> >
> >
> > Slightly off topic ranting:
> >
> > FWIW and IMHO, run your snort'er on a headless (no
> x-windows) FreeBSD box. 
> > FreeBSD supposedly has the fastest TCPIP stack and
> when you follow the 
> 
> FYI, its BPF/libpcap performance and not TCP stack
> performance that is the
> issue when it comes to snort
> -- 
> Chris Green <cmg at ...671...>
> Don't use a big word where a diminutive one will
> suffice.
> 
> 
> --__--__--
> 
> Message: 3
> From: "Stuart Hall" <sdenigma at ...125...>
> To: Snort-users at lists.sourceforge.net
> Date: Tue, 26 Feb 2002 22:40:18 +0000
> Subject: [Snort-users] Second Sensor/NIC and SNMP
> 
> Wondering if anyone had some relevant information
> for running SNMP with 
> Snort.  I see the variables in the snort.conf but
> I'm not the strongest SNMP 
> user so was hoping there was a nice reference page
> available (other than the 
> SNMP-readme).
> 
> Also, my Snort box has been running for several
> months but I want to add a 
> second NIC and sensor for mysql/demarc.  I can get
> the sensor to register in 
> Demarc but it always binds to the wrong NIC.  I have
> three NIC's, one 
> runnign snort, one internally accessible and one
> that won't bind.  This is 
> on W2K.  Any suggestions?  Am I missing an mysql
> step?
> 
> Thanks,  Stuart
> 
> 
>
_________________________________________________________________
> MSN Photos is the easiest way to share and print
> your photos: 
> http://photos.msn.com/support/worldwide.aspx
> 
> 
> 
> --__--__--
> 
> Message: 4
> Date: Tue, 26 Feb 2002 15:02:17 -0800 (PST)
> From: Erek Adams <erek at ...577...>
> To: Chris Green <cmg at ...671...>
> cc: snort-users at lists.sourceforge.net
> Subject: Re: [Snort-users] BPF/libpcap performance,
> was Re: Seg Fault
> 
> On Tue, 26 Feb 2002, Chris Green wrote:
> 
> > FYI, its BPF/libpcap performance and not TCP stack
> performance that is the
> > issue when it comes to snort
> 
> Ok, with that being said, here's a question:  Is it
> worth upgrading to another
> version of libpcap each time it comes out?  Or
> tracking it's CVS as well?
> 
> Along those lines, would there be any useful TCP/IP
> stack parameters to
> tune/change, or would that just be a waste of
> effort?
> 
> -----
> Erek Adams
> Nifty-Type-Guy
> TheAdamsFamily.Net
> 
> 
> 
> --__--__--
> 
> Message: 5
> Date: Tue, 26 Feb 2002 18:10:06 -0500 (EST)
> From: Ashley Thomas <athomas at ...3539...>
> To: Erek Adams <erek at ...577...>
> cc: Chris Green <cmg at ...671...>,
> <snort-users at lists.sourceforge.net>
> Subject: Re: [Snort-users] BPF/libpcap performance,
> was Re: Seg Fault
> 
> 
=== message truncated ===


__________________________________________________
Do You Yahoo!?
Yahoo! Greetings - Send FREE e-cards for every occasion!
http://greetings.yahoo.com




More information about the Snort-users mailing list