[Snort-users] Enable Snort To Detect NIDS
ben at ...7924...
Thu Jan 9 10:40:28 EST 2003
What kind of network do you have? If you are talking about a hub-ed
network then it is easy. Switched is not so easy.
If you are on a hub-ed network then you have to put the network card
into "promiscuous" mode. In Linux this is done by using the command
#> ifconfig eth0 promisc
to turn this off
#> ifconfig eth0 -promisc
you should see a "PROMISC" in the output from
On Wed, 2003-01-08 at 04:21, Pathmenanthan Ramakrishna wrote:
> im using snort version 1.9.when i start the snortd deamon it enables the snort and captures data that direct to the server.
> how to enable the snort to capture the entire LAN traffic?
> currently when i perform an attack to the host(where snort running)i can see values at the ACID Console.
> what if when the snort is running,i want it to detect other host activities as well.
> how do i do that?
> can anyone help me
> Get 25MB, POP3, Spam Filtering with LYCOS MAIL PLUS for $19.95/year.
> This SF.NET email is sponsored by:
> SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
More information about the Snort-users