Security Basics mailing list archives
Re: Passive Snort Setup
From: Michal Purzynski <michal () rsbac org>
Date: Fri, 20 Feb 2009 10:54:35 +0100
On Fri, 20 Feb 2009 11:19:08 +1100, Daniel Hood <dsmhood () gmail com> wrote:
Is it possible to set up a Snort IDS system with a topology like this: hosts > switch > Snort-IDS > Router But, have no ip address on either interface of the snort box and it just forward packets through after checking them for malicious activity? I don't want the snort box to do NAT or be the default gateway, I just want it to passively be there.
get a setup like this one. i'm using it and it works smooth. http://snortattack.org/docs/IPS_3M_eng.pdf
Daniel
-- Michal Purzynski RSBAC Team
Current thread:
- Passive Snort Setup Daniel Hood (Feb 19)
- Re: Passive Snort Setup Ivan . (Feb 19)
- Re: Passive Snort Setup Ray Van Dolson (Feb 19)
- Message not available
- Fwd: Passive Snort Setup Daniel Hood (Feb 20)
- RE: Passive Snort Setup Gould, Scott (Feb 20)
- Message not available
- Re: Passive Snort Setup Javier Reyna (Feb 19)
- RE: Passive Snort Setup Jeremi Gosney (Feb 20)
- Re: Passive Snort Setup Michal Purzynski (Feb 20)