| Atkins, Dwane P 2004-09-22, 10:25 pm |
| This is a multi-part message in MIME format.
------_=_NextPart_001_01C49BF9.C3E50E7B
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
I am using Redhat 9.0 with Snort and have it loaded and it looks like it
is properly configured. I have dual NICs and have my sniffing port in
promiscuous mode with a 0.0.0.0 address. Is this going to be a problem?
Should I assign it an address, put it in promiscuous mode and then
assign the VLAN traffic to it? Also, I want to be able to view a report
of what is happening. I did the Acid console, but would love to be able
to monitor more than one or two snort sensors.
=20
Any help would be appreciated.
=20
Dwane Atkins
=20
=20
------_=_NextPart_001_01C49BF9.C3E50E7B
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 11 (filtered)">
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
span.EmailStyle17
{font-family:Arial;
color:windowtext;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=3DEN-US link=3Dblue vlink=3Dpurple>
<div class=3DSection1>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>I am using Redhat 9.0 with Snort and have it loaded =
and it
looks like it is properly configured. I have dual NICs and have my =
sniffing
port in promiscuous mode with a 0.0.0.0 address. Is this going to =
be a
problem? Should I assign it an address, put it in promiscuous mode =
and then
assign the VLAN traffic to it? Also, I want to be able to view a =
report of
what is happening. I did the Acid console, but would love to be =
able to
monitor more than one or two snort sensors.</span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'> </span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Any help would be appreciated.</span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'> </span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Dwane Atkins</span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'> </span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'> </span></font></p>
</div>
</body>
</html>
------_=_NextPart_001_01C49BF9.C3E50E7B--
-------------------------------------------------------
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
who ports your project to Linux PPC the best. Sponsored by IBM.
Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
________________________________________
_______
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists...nfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf....ist=snort-users
|