[Snort-users] Remote packet sniffing?

Michael Bowman michaelb at ...9721...
Thu Jul 24 11:29:03 EDT 2003


Hello all!

	I'm one of those "new guys" here with some experience with Linux
(though I've had to refresh lately as it's been a while). I'm over our
networks here where I work, and it's a distributed place with 7 remote
locations connected by frame. I've been asked to monitor the network at
every site, something like a packet monitor would fit the bill. I've got
Snort up and running on a RH 9 system, loggin to MySQL and with ACID.
Besides one other Unix machine, this is the only *nix machine within our
organization. 

	So... are there remote Win agents that I can use to collect packets
and report them to snort without requiring administrative login? Honestly, I
wouldn't need this real time, but just store it and send it to my Linux
machine every night for me to look at in th emorning (or I could learn to
write rules for Snort and have it do it...) Am I working too hard on this?

Thanks guys (and gals?)

Michael Bowman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 2552 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20030724/1582e217/attachment.bin>


More information about the Snort-users mailing list