[Snort-users] snort and ATM

Teva AVRIL teva.avril at ...13005...
Wed Mar 2 01:30:39 EST 2005


I tried to install Snort under FreeBSD 5.3 to capture trafic on an atm
interface. After many attempts, snort didn't run : snort performed but
exited just after. I managed to run some tools like tcpdump (based on
libpcap too) but not Snort.

After some research, i found a paper about someone (thanks emilio) who
managed to implement snort on an atm network. Its snort captured trafic on
the atm interface. This station was installing with RedHat.

So i decided to let my FreeBSD (snif) for RedHat 9 and tried to implement
snort to capture trafic on my atm interface. And it worked.

So my question is simple : how could i manage to run snort to capture
trafic on a atm interface if snort doesn't handle atm? Is it because
decapsulation on RedHat9 is made so that snort is able to understand ip
packets or something like this? Or maybe the latest libpcap  could handle
atm now?

I'm very curious about to know how it worked. Thanks for your answer.

Best regards,


More information about the Snort-users mailing list