[Snort-users] Remote collection of data from a Snort

Guillaume guillaume at ...4029...
Wed Jan 16 01:42:03 EST 2002


Dans son précédent message Ian Masters écrivait :

> Would it be possible using ssh.
>
> Ian
>
> p.s. there was no need to tell people I am your colleague.
> There's no shame  in shizophrenia.

>> Is there a way to remotely collect data from a snort sensor with
>> 2 network  cards connected to the same hub, one without an IP to
>> collect network data  in stealth mode and the other with an IP to
>> allow collection of data  remotely, without the sensor being
>> visible on the network.
>>
>> I can't see how this would be possible but a colleague of mine
>> seems to  think that it is?
>>
>>Is it?

I used to run snort this way, with one card recording traffic and the
other used to sent alerts to a remote MySQL DB.

Did not cause any trouble. Could alos be possible using syslog-ng I
think...

Guillaume

[ Sent with SquirrelMail -  http://www.squirrelmail.org     ]






More information about the Snort-users mailing list