[Snort-users] Snort on home DSL connection

Bell, Josh josh.bell at ...10824...
Wed Dec 24 23:40:00 EST 2003


Another Snort newb here...

I've set up a Snort box at home so I can have an 'expendable' box to
experiment and learn on.  I have an SBC DSL connection.  The DSL line
runs into my DSL modem, from there to a little hub, and from there to a
Linksys-type router/firewall, where my machines are connected.  It's a
PPPoE DSL connection so my IP can and does change rather frequently.  

On my Snort box, eth0 is connected to the 'inside' network with an
RFC1918 address and eth1 is connected to the hub in promiscuous mode.
It receives all traffic that hits the hub, the only problem I have is I
don't know how to set the HOME_NET variable.  I can't use eth0's IP
because that's just a 192.168 address.  Eth1 has no IP and I don't want
to statically plug in in there.  Can I use a DNS name?  I have a DYNDNS
account which in theory is updated regularly and should be the IP of my
router.  If not, is there some way of telling it to use whatever IP is
currently assigned to a particular MAC?

Any help would be greatly appreciated.

Josh Bell
 
Note:  The information contained in this message may be privileged and confidential and thus protected from disclosure.  If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited.  If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.  Thank you.





More information about the Snort-users mailing list