[Snort-users] (no subject)

Erek Adams erek at ...577...
Sun Oct 27 08:17:02 EST 2002


On Sun, 27 Oct 2002, Ha Tu wrote:

>
>          As far as I know, snort can catch all infomation from the
> datalink layer through the Application one. So where is the position of
> snort in the TCP/IP stack so that it is able to do that? Do data flow
> from iptables to snort?

Snort grabs the Ethernet frames off the wire.  Since it uses libpcap, it
all happens at that level.


>         How can I create a stealthed NIC on a SUN solaris machine?

ifconfig hme1 plumb
ifconfig hme1 up

Also known as FAQ 3.2

http://www.snort.org/docs/faq.html#3.2

Cheers!

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net





More information about the Snort-users mailing list