Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: snort.org > snort-devel > 04 > 030999.html (Request Expert snort.org Support)

[Snort-devel] [ snort-Support Requests-918892 ] newbie - snort with two network cards

From: SourceForge.net <noreply(at)sourceforge.net>
Date: Thu Mar 18 2004 - 11:50:10 EST


Support Requests item #918892, was opened at 2004-03-18 08:50 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=203357&aid=918892&group_id=3357

Category: None
Group: None
Status: Open
Priority: 5
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Nobody/Anonymous (nobody)
Summary: newbie - snort with two network cards

Initial Comment:
Hi

I have just installed snort with acid, php and mysql support on fedora-core and want to run it as a ids. The machine it is on has two network cards and will be sitting in between the firewall and the internal network and has E-trust gateway anti-virus software on it. This machine will act as a router and all trafic between internal network and internet will have to pass through this machine and then the dedicated firewall before entering the outside world. The following is how my network will look:

INTERNET --- FIREWALL --- SNORT/ANTI-VIRUS--- LAN The two network cards are configured with the following ip adresses, eth0=192.168.0.9 and eth1=10.0.0.1 with ip forwarding swithed on and firewall off and eth0 is the gateway to all the lan computers.

What I want to know is this placement ok and which interface should snort be told to monitor (192.168.0.9 or 10.0.0.1). I would also want to know if used as a IDS, is it ok to leave the default setting and just update the latest rules from the internet regularly - would this be sufficent?

Thanks

Zahid Ali

Do you need help?X

Network/Support administrator  

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=203357&aid=918892&group_id=3357


This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click

Snort-devel mailing list
Snort-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-devel Received on Fri Mar 19 10:29:30 2004

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:08:10 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library