Snort mailing list archives
Re: Snort on Checkpoint Firewall-1
From: Fyodor <fygrave () tigerteam net>
Date: Sun, 21 Oct 2001 02:24:22 +0700
possible to examine checkpoint binaries? :) On Fri, Oct 19, 2001 at 04:54:55PM -0400, Dresen, Scott wrote:
I'm running Snort v1.8.1 on the same Linux box that I'm running a Checkpoint Firewall-1 firewall. However, my snort logs are not showing any activity. When I ran Snort with IPTables, I saw plenty of activity. I'm wondering if anyone knows whether or not Checkpoint runs at a higher priority on Linux and therefore blocks packets before Snort has a chance to analyze them? TIA, Scott
-- http://www.notlsd.net PGP fingerprint = 56DD 1511 DDDA 56D7 99C7 B288 5CE5 A713 0969 A4D1 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort on Checkpoint Firewall-1 Dresen, Scott (Oct 19)
- RE: Snort on Checkpoint Firewall-1 Ofir Arkin (Oct 19)
- So many of false alerts Syed Mohammad Talha (Oct 19)
- Re: Snort on Checkpoint Firewall-1 Fyodor (Oct 20)
- RE: Snort on Checkpoint Firewall-1 Ofir Arkin (Oct 19)