[Snort-users] [Manual] How to Make Asus RT-N15U Wireless Router (Tomato by Shibby Fimware) Mirror Traffic to Snort

Teo En Ming teo.en.ming at ...11827...
Tue Apr 8 11:26:49 EDT 2014


I am done editing it.

Teo En Ming


On Tue, Apr 8, 2014 at 11:16 PM, Joel Esler (jesler) <jesler at ...589...>wrote:

>  I'll review it when you get done editing it.
>
>
>  On Apr 7, 2014, at 7:04 PM, Teo En Ming <teo.en.ming at ...11827...> wrote:
>
>  Updated the manual to version 1.2.
>
>  Teo En Ming
>
>
> On Tue, Apr 8, 2014 at 2:13 AM, Teo En Ming <teo.en.ming at ...11827...> wrote:
>
>>  Updated the manual to version 1.1.
>>
>>  Teo En Ming
>>
>>
>> On Mon, Apr 7, 2014 at 7:38 PM, Teo En Ming <teo.en.ming at ...11827...>wrote:
>>
>>>      Dear Snort Team @ Sourcefire,
>>>
>>>  As some of the information on the http://www.snort.org/docs page
>>> pertaining to how to make home routers mirror traffic to Snort is outdated,
>>> could you publish this manual on the http://www.snort.org/docs page as
>>> well.
>>>
>>>  Please note that the latest dd-wrt v24-SP2 and OpenWRT 12.09 firmwares
>>> NO LONGER support mirroring traffic to Snort as they are based on the Linux
>>> kernel 3.x. The kernel module ipt_ROUTE.ko is *incompatible* with Linux
>>> kernel 3.x. The ipt_ROUTE source code is only compatible with the Linux
>>> kernel 2.6.x.
>>>
>>>  Please use Tomato by Shibby firmwares if you seriously want to mirror
>>> traffic to Snort. Please visit his website at http://tomato.groov.pl/Why do you want to use Tomato by Shibby firmwares if you want to
>>> contemplate mirroring traffic to Snort? Because Tomato by Shibby firmwares
>>> are based on the Linux kernel 2.6.x. The latest is not always the greatest.
>>>
>>>  After failing to mirror traffic to Snort with the latest dd-wrt and
>>> OpenWRT firmwares on my Buffalo WZR-HP-G300NH2 router, I have FINALLY
>>> successfully mirrored traffic to Snort using Tomato by Shibby firmware on
>>> my Asus RT-N15U router.
>>>
>>>  I have wasted a few days and SGD$109 on the Buffalo WZR-HP-G300NH2
>>> wireless router in attempting to mirror traffic to Snort. I have wasted a
>>> lot of time on the dd-wrt and OpenWRT firmwares. Please DO NOT use the
>>> *latest* dd-wrt and OpenWRT firmwares if you seriously want to use home
>>> routers to mirror traffic to Snort.
>>>
>>> I hope I have saved potential Snort users' (who want to use home routers
>>> to mirror traffic to Snort) time and money by providing valuable advice
>>> here.
>>>
>>>  Please refer to the attached PDF file in this email for the manual
>>> which I have just written.
>>>
>>>  Lastly, and the most important of all, please help me generate some
>>> alerts for my Snort IDS virtual machine. My Snort IDS is installed in a
>>> virtual machine running on Oracle VM VirtualBox. My websites are
>>> http://www.teo-en-ming.com and http://www.zhang-enming.com
>>>
>>> I want to see some alerts appearing on my Snort box, just to make sure
>>> my Snort NIDS is fully operational.
>>>
>>>  Yours sincerely,
>>>
>>>  Teo En Ming
>>>
>>>
>>
>  <How to Make Asus RT-N15U Wireless Router (Tomato by Shibby Fimware)
> Mirror Traffic to Snort - Version 1.2.pdf>
> ------------------------------------------------------------------------------
> Put Bad Developers to Shame
> Dominate Development with Jenkins Continuous Integration
> Continuously Automate Build, Test & Deployment
> Start a new project now. Try Jenkins in the cloud.
>
> http://p.sf.net/sfu/13600_Cloudbees_______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140408/dd0b3b6b/attachment.html>


More information about the Snort-users mailing list