[Snort-users] question on mapping net IPs to hosts

jeffs at ...1936... jeffs at ...1936...
Tue Jul 27 19:31:07 EDT 2004


Assuming one is monitoring an internal net of say 10.0.0.0/24 and getting 
logs and alerts for a bunch of hosts which are dynamically assigned their 
ip number.  How do people in this group go about mapping those dynamically 
assigned IPs to actual machines with the purpose of tracking down malware 
or whatever on those individual host machines, since these IP numbers are 
dynamic and ever changing.

Thanks for any input.

J.




More information about the Snort-users mailing list