[Snort-users] WinPcap 3.0 supports remote capture
Esler, Joel Contractor
EslerJ at ...8772...
Tue Jun 24 06:36:35 EDT 2003
Every once in awhile, you see a topic that pops up on the 10+ listservers
that I am on that deserves a comment. :)
This could be an answer for many remote management theories...
One snort box, or what not, with a database, ACID, and snort on it.
Several basic loads, with remote capture reporting back to this snort box.
It would require little to no user interaction. Just a nic card. This has
WAY too many possibilites.
From: Richard Bejtlich [mailto:richard_bejtlich at ...131...]
Sent: Monday, June 23, 2003 11:30 PM
To: Snort-users at lists.sourceforge.net
Subject: [Snort-users] WinPcap 3.0 supports remote capture
Yesterday I mentioned SVtun
(http://www.cs.tau.ac.il/~nnavi/vtun/) for capturing
packets on one Linux device and analyzing them on a
separate Linux device, in response to a question on
doing the same with Windows and Linux. It appears
that WinPcap 3.0, released 10 Apr 03 and updated to
3.01 alpha on 13 Jun, supports this experimentally.
More information about the Snort-users