[ale] RE: Snort
Christopher Fowler
cfowler at outpostsentinel.com
Tue Aug 19 13:20:30 EDT 2003
This snort program is really cool. I've got it logging to a
directory called /tmp/sno. It seems that you can have it go
into a database. Will it dump the package data into th database or
just the header info. I want to make sure the database does not
grwo uncontrollably. My database is behind the firewall so I can just
dump there. It may be feasible to create a wiretap.
-- Rx [ ] --- [ ] Rx --
-- Tx [ ] --- [ ] Tx --
|
| Rx
[ ]
[ ] Snort.
Would this be correct cable configuration. I assume that I'll
need to send Rx+ and Rx- to the IDS but do not need to worry
about Tx+ and Tx-
Chris
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list