[Snort-users] snort newbie help
gpadilla at ...13098...
Mon Feb 28 13:42:41 EST 2005
Thanks.. that seems to work. Is there any documentation on how to sniff out url address that are being accessed on my network with snort?
From: snort-users-admin at lists.sourceforge.net [mailto:snort-users-admin at ...3204...ts.sourceforge.net] On Behalf Of Jose Maria Lopez Hernandez
Sent: Monday, February 28, 2005 1:00 PM
To: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] snort newbie help
El lun, 28-02-2005 a las 11:30 -0500, Guillermo Padilla escribió:
> I just recently installed snort on RH9.0 with apache-myslq-php-acid
> etc.. The front end of the snort seems to be working fine.
> The server that snort is installed on has 5 interfaces but 4 will be
> used as taps. I'm having problems figuring out how to get snort to only
> listen on just those 4 interfaces. If I set up my startup script to
> iface=any it only starts looping localhost alerts. If I add iface=eth1
> it looks like its seeing traffic on that interface. Right now I've only
> plugged all interfaces onto a hub where my windows machine is also plug
> to the the uplink port is connected to a switch which in turns goes out
> to the cloud.
You can do channel bonding of the interfaces you want the snort
daemon to listen to and then use the bonded interface in the
> I want to see if I can see the traffic which is happening on my windows
> All the interfaces do not have ip address except eth0.
> Can anyone point me into the right derection?
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac at ...12346...
bgSEC Seguridad y Consultoria de Sistemas Informaticos
The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
-- Jack Kerouac, "On the Road"
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
More information about the Snort-users