[Snort-users] Dual home IDS? ACID and send email alerts on one, IDS on the other.
martyhauser at ...5190...
Fri Oct 22 23:06:02 EDT 2004
Thanks to the great work of the group behind and Patrick S. Harper
<mailto:patrick at ...4250...> , his procedures are very good and
I have Fedora Core 2 and snort 2.2.0 running perfectly. There is nothing
wrong with the IDS system, this question is on an enhancement. My manager
configured the Cisco switch to mirror all traffic to one port. That's what
we want, but I'm told that this port is IP-less and no traffic can flow into
or out of the IDS system. The IDS system is connected to this port and
working perfectly. The issue is the IDS system can't send emails or access
the functional ACID website. I thought of adding a second NIC and directing
SNORT to monitor this NIC instead and connect the original NIC to the
network on a normal port and regain email and ACID website support. Have you
guy's any guidance/ experience with resolving an issue like this? Any help
would really be appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users