[Snort-users] Remote packet sniffing?
michaelb at ...9721...
Thu Jul 24 11:29:03 EDT 2003
I'm one of those "new guys" here with some experience with Linux
(though I've had to refresh lately as it's been a while). I'm over our
networks here where I work, and it's a distributed place with 7 remote
locations connected by frame. I've been asked to monitor the network at
every site, something like a packet monitor would fit the bill. I've got
Snort up and running on a RH 9 system, loggin to MySQL and with ACID.
Besides one other Unix machine, this is the only *nix machine within our
So... are there remote Win agents that I can use to collect packets
and report them to snort without requiring administrative login? Honestly, I
wouldn't need this real time, but just store it and send it to my Linux
machine every night for me to look at in th emorning (or I could learn to
write rules for Snort and have it do it...) Am I working too hard on this?
Thanks guys (and gals?)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2552 bytes
Desc: not available
More information about the Snort-users