[Snort-users] Sensor problem

Cesar Sanabria Pineda csanab at ...12650...
Tue Nov 9 14:44:08 EST 2004


Hi, i'm having troubles detecting traffic, my network is more or less:

             DMZ
              |               |------- LAN 1  (segment 191.168.1.x)
INTERNET ---- GW --(1)---GW-- |-------- LAN 2 (segment 191.168.2.x)
                 segement X   |                .
                              |               .
                              |------- LAN N (segment 191.168.n.x)

I mena, my sensor is between gateways.
I put my sensor on (1) a segment x (192.x.x.x) and i would like to
catch all traffic from every LAN (segment), but i'm not logging all
alerts, i mean, suppously i'm on the fist segment and i ping a server
on the DMZ i can't see the traffic neither in sniffer mode, so the
question is:

Why i'm not logging alerts from other segments that aren't in the same
segment where i put my sensor?.. What can i do to log alerts?





More information about the Snort-users mailing list