[Snort-users] snort kvm network

Emilio Joel Macias emilio at ...17052...
Sun Dec 21 09:13:41 EST 2014


I have installed two physical machines with KVM virtualization using Red
hat as OS ( h1 and h2). In h1 I have installed the virtual machines w1 and
db1 and in h2 the virtual machines w2 , db1 and ids. The virtual machine
ids contain snort as IDS system. After the installation i ran the command:

brctl setageing br0 0

in order to permit snort sniff the network traffic but only is passing the
traffic related with the physical machine h2 which is the Host the snort
machine but nothing related with machine h1 and their virtual Guests.

Is possible with snort installed in a KVM virtual machine detect the
traffic of the rest of machines in the network or only can detect the
traffic of the machines sharing the same bridge?

thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20141221/c0ba549b/attachment.html>


More information about the Snort-users mailing list