[Snort-users] Any using snort on solaris 10 with zones
gregcope at ...11827...
Sat Mar 20 06:07:53 EDT 2010
I have a requirement to monitor "all traffic" (pci req 11). The vlan
in question has 2 hosts. A single windows host (physical) and a
solaris 10 host run a small number of zones.
I know solaris zones pose a challenge as interzone trafic will not go
to the wire with shared IP. Although not ideal interzone traffic
should be trusted and I am more conceded with exterior traffic.
There are few services to monitor an so the snort config should be
Anyone else doing this with snort? Care to share experiences good or
bad? Am I mad or will this work.
Also looking to use something like oosec to do host integrity and log
monitoring including snort reporting/alerting.
Is there a better place to ask such questions?
More information about the Snort-users