[Snort-users] (no subject)
erek at ...577...
Sun Oct 27 08:17:02 EST 2002
On Sun, 27 Oct 2002, Ha Tu wrote:
> As far as I know, snort can catch all infomation from the
> datalink layer through the Application one. So where is the position of
> snort in the TCP/IP stack so that it is able to do that? Do data flow
> from iptables to snort?
Snort grabs the Ethernet frames off the wire. Since it uses libpcap, it
all happens at that level.
> How can I create a stealthed NIC on a SUN solaris machine?
ifconfig hme1 plumb
ifconfig hme1 up
Also known as FAQ 3.2
More information about the Snort-users