Home page logo

snort logo Snort mailing list archives

Distributed Snort possibility?
From: turki <turki_00 () yahoo com>
Date: Sat, 11 Dec 2010 07:44:41 -0800 (PST)


I am new to Snort and I have these totally newbies questions:

1- Can Snort monitors remote network traffic. meaning Snort is installed in
 a local network and it needs to monitor/capture packets from remote 
network. is this possible? (I am not sure where should Snort sensor be 
installed in this case in the local network or in the remote network?)

2- If I have 2 separate machines in the same network, each run its own Snort. can they (both) log alerts into the same 
MySql db? (shared db for multiple Snort instances?)

3- same scenario as question 2 (above), can the two Snort machines share the same rules between them?

Thank you,

Oracle to DB2 Conversion Guide: Learn learn about native support for PL/SQL,
new data types, scalar functions, improved concurrency, built-in packages, 
OCI, SQL*Plus, data movement tools, best practices and more.
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]