[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] RE: Snort

Subject: [ale] RE: Snort
From: cfowler at outpostsentinel.com (Christopher Fowler)
Date: Tue, 19 Aug 2003 13:20:30 -0400



This snort program is really cool.  I've got it logging to a 
directory called /tmp/sno.  It seems that you can have it go
into a database.  Will it dump the package data into th database or
just the header info.  I want to make sure the database does not 
grwo uncontrollably.  My database is behind the firewall so I can just
dump there.  It may be feasible to create a wiretap.


-- Rx [ ] --- [ ] Rx --
-- Tx [ ] --- [ ] Tx --
           |
           | Rx
          [ ] 
          [ ] Snort.


Would this be correct cable configuration.  I assume that I'll
need to send Rx+ and Rx- to the IDS but do not need to worry
about Tx+ and Tx-

Chris

_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale

Prev by Date: [ale] More info on rsynth problem
Next by Date: [ale] RE: Snort
Previous by thread: [ale] Snort
Next by thread: [ale] RE: Snort
Index(es):
- Date
- Thread