[Snort-users] Snort newbie
chris at ...11715...
Tue Apr 27 07:38:19 EDT 2004
I am as green as they come to snort so I hope this question isn't too
I have a low traffic FreeBSD server that is on the same switch as two
high traffic servers. I have installed snort and snortsnarf on this
server. When I fire up Snort, my MRTG graphs go bonkers since I am
listening to all traffic on the same switch. This slows my little
server down to a snail's crawl. Is the only real way to fix this
involve installing a separate switch for this machine to listen on. I
have been through the documentation and I am not clear on how to make
Snort listen and record only the traffic that is relevant to it. I
appreciate any help you can give me on this.
More information about the Snort-users