[Snort-users] [Manual] How to Make Asus RT-N15U Wireless Router (Tomato by Shibby Fimware) Mirror Traffic to Snort
Teo En Ming
teo.en.ming at ...11827...
Tue Apr 8 11:26:49 EDT 2014
I am done editing it.
Teo En Ming
On Tue, Apr 8, 2014 at 11:16 PM, Joel Esler (jesler) <jesler at ...589...>wrote:
> I'll review it when you get done editing it.
> On Apr 7, 2014, at 7:04 PM, Teo En Ming <teo.en.ming at ...11827...> wrote:
> Updated the manual to version 1.2.
> Teo En Ming
> On Tue, Apr 8, 2014 at 2:13 AM, Teo En Ming <teo.en.ming at ...11827...> wrote:
>> Updated the manual to version 1.1.
>> Teo En Ming
>> On Mon, Apr 7, 2014 at 7:38 PM, Teo En Ming <teo.en.ming at ...11827...>wrote:
>>> Dear Snort Team @ Sourcefire,
>>> As some of the information on the http://www.snort.org/docs page
>>> pertaining to how to make home routers mirror traffic to Snort is outdated,
>>> could you publish this manual on the http://www.snort.org/docs page as
>>> Please note that the latest dd-wrt v24-SP2 and OpenWRT 12.09 firmwares
>>> NO LONGER support mirroring traffic to Snort as they are based on the Linux
>>> kernel 3.x. The kernel module ipt_ROUTE.ko is *incompatible* with Linux
>>> kernel 3.x. The ipt_ROUTE source code is only compatible with the Linux
>>> kernel 2.6.x.
>>> Please use Tomato by Shibby firmwares if you seriously want to mirror
>>> traffic to Snort. Please visit his website at http://tomato.groov.pl/Why do you want to use Tomato by Shibby firmwares if you want to
>>> contemplate mirroring traffic to Snort? Because Tomato by Shibby firmwares
>>> are based on the Linux kernel 2.6.x. The latest is not always the greatest.
>>> After failing to mirror traffic to Snort with the latest dd-wrt and
>>> OpenWRT firmwares on my Buffalo WZR-HP-G300NH2 router, I have FINALLY
>>> successfully mirrored traffic to Snort using Tomato by Shibby firmware on
>>> my Asus RT-N15U router.
>>> I have wasted a few days and SGD$109 on the Buffalo WZR-HP-G300NH2
>>> wireless router in attempting to mirror traffic to Snort. I have wasted a
>>> lot of time on the dd-wrt and OpenWRT firmwares. Please DO NOT use the
>>> *latest* dd-wrt and OpenWRT firmwares if you seriously want to use home
>>> routers to mirror traffic to Snort.
>>> I hope I have saved potential Snort users' (who want to use home routers
>>> to mirror traffic to Snort) time and money by providing valuable advice
>>> Please refer to the attached PDF file in this email for the manual
>>> which I have just written.
>>> Lastly, and the most important of all, please help me generate some
>>> alerts for my Snort IDS virtual machine. My Snort IDS is installed in a
>>> virtual machine running on Oracle VM VirtualBox. My websites are
>>> http://www.teo-en-ming.com and http://www.zhang-enming.com
>>> I want to see some alerts appearing on my Snort box, just to make sure
>>> my Snort NIDS is fully operational.
>>> Yours sincerely,
>>> Teo En Ming
> <How to Make Asus RT-N15U Wireless Router (Tomato by Shibby Fimware)
> Mirror Traffic to Snort - Version 1.2.pdf>
> Put Bad Developers to Shame
> Dominate Development with Jenkins Continuous Integration
> Continuously Automate Build, Test & Deployment
> Start a new project now. Try Jenkins in the cloud.
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users