[Snort-users] Help on logs

Renaud Leroy action09 at ...12671...
Tue Nov 16 14:32:03 EST 2004


Hi !

I made a litte gateway for my lan ( 3 PC ), i have 2 ethernet cards on
the gateway ( an old Pentium 100 32 MB RAM): eth0 = external ( connected
to the adsl modem) and eth1 = internal (connected to the lan ) , the
gateway is 192.168.0.1 sharing connection by iptables/netfilter for the
3 PC ( 192.168.0.2 -> 192.168.0.4 )

I installed snort on the gateway  /0\ i don't know if it is a BIG
security risqk if someone root the gateway or something else...

HEre's my configuration and i can't see anything in the logs
( h**p://action09.suidzer0.org/snort.conf )


I'm running netfilet iptables  on the gateway ( rules same as this -->
h**p://people.via.ecp.fr/~alexis/formation-linux/firewall.html )

i add portsentry from which i can't either see some portscan?

is it an error from me ? confguration NOK ?
The ISP is blocking some attacks ? or netfilter ?


Please help


Thanks by advance and sorry for my bad English.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message num?riquement sign?e
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20041116/7c389070/attachment.sig>


More information about the Snort-users mailing list