[Snort-users] Use dyndns to ignore my ip

waldo kitty wkitty42 at ...14940...
Sat Feb 16 00:17:02 EST 2013


On 2/15/2013 23:19, Jeremy Hoel wrote:
> Ahh.. but you might be assuming that the server/snort ip changes..
> what if it doesn't but the outside of the router/gateway does..  :-)

then that would not be indicated in the snort.conf and thus would not apply to 
the snort installation on the interior network... at least in my experiences ;)

> On Fri, Feb 15, 2013 at 9:08 PM, waldo kitty<wkitty42 at ...14940...>  wrote:
>> On 2/15/2013 14:33, Jeremy Hoel wrote:
>>> yeah..  a crontab that checks the dyn dns entry once a minute and also
>>> checkes $HOME_NET and if it doesn't contain the dyn dns address,
>>> rewrite home_net (using sed or something) and then restart snort.
>>>
>>> I'd be curious if you knew how often your outside Ip changed.  you
>>> could bump the script up to check every 5 minutes or so if you
>>> wheren't that worried.
>>
>> ain't that hard to do if one simply handles it in their connection scripts with
>> an include file for those vars :)






More information about the Snort-users mailing list