[Snort-users] Remote packet sniffing?

CMartin at ...9696... CMartin at ...9696...
Thu Jul 24 11:39:23 EDT 2003


Well you can set up the win snort node to run as a service, which will
enable you to run snort without admin login.  As for batch processing the
finding of the windows nodes, I am personally unaware of an option for snort
to do that.  Real time report is very, very nice.  For information on how to
setup snort as a service (there is a option to set up as a service with the
windows snort version, but it generally does work or needs tweaking) look in
the archives for this emailing list.  There was some great ways posted not
too long ago.  I hope that helps ya!

Snorting for 4 months and lovin it!
Chris

		-----Original Message-----
		From: Michael Bowman [mailto:michaelb at ...9721...] 
		Sent: Thursday, July 24, 2003 11:30 AM
		To: 'Snort-Users (E-mail)
		Subject: [Snort-users] Remote packet sniffing?

		Hello all!

			I'm one of those "new guys" here with some
experience with Linux (though I've had to refresh lately as it's been a
while). I'm over our networks here where I work, and it's a distributed
place with 7 remote locations connected by frame. I've been asked to monitor
the network at every site, something like a packet monitor would fit the
bill. I've got Snort up and running on a RH 9 system, loggin to MySQL and
with ACID. Besides one other Unix machine, this is the only *nix machine
within our organization. 

			So... are there remote Win agents that I can use to
collect packets and report them to snort without requiring administrative
login? Honestly, I wouldn't need this real time, but just store it and send
it to my Linux machine every night for me to look at in th emorning (or I
could learn to write rules for Snort and have it do it...) Am I working too
hard on this?

		Thanks guys (and gals?)

		Michael Bowman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20030724/a463cade/attachment.html>


More information about the Snort-users mailing list