[Snort-users] Help with config
mike at ...10501...
Sun Dec 28 01:20:01 EST 2003
I have had to resort to using a hub between the ADSL Modem and
router. So my network looks like this now:
(Snort Listening here)
Router / Firewall
Remainder of network
With this setup, snort seems unable to log anything at all. I have
been to several scanner sites and nothing is logged. What should I
set the HOME_NET variable to in this config? (Is it my global IP??) Is there any other
settings I need to change? The interface snort is plugged into on
the machine is eth1, which is activated on bootup, and snort states
it is listening there in promiscuios mode. It does not have a IP
associated with it, the RedHat config tool states this interface is
inactive, but I assume that this is as far as Gnome is concerd, and
it is active as far as snort is concerd. Am I right?
I realise that there is no local IP's in this config, as snort is
listening before the NAT translation takes place, but at least I
will have some idea of what is hitting the firewall.
Michael (mike at ...10501...)
This is only a test.
PGP KeyID := 0xA9547E32
'To see a world in a grain of sand
And heaven in a wild flower
To hold infinity in the palm of your hand
And eternity in an hour'
Using TheBat! Version 2.02.3 CE
Running On Windows XP (2600, Service Pack 1)
Sent From OneAndOne
More information about the Snort-users