Re: How to place Snort machine on the network ?

["Szilagyi Gergely" <szilagyi () direkt-kfki hu>]

> Hi
> If you send the config of your switch (decorated of course Interface
> Ethernet0/0 ip xxx.xxx.xxx.xxx ) maybe I can give you some assistance with
> the span port.
> Best Regards
>     Gergely Szilagyi
>     gergely () szilagyi org
>
> ----- Original Message -----
> From: "Syed Tariq Mustafa" <Mustafast () alj com>
> To: <snort-users () lists sourceforge net>
> Sent: Tuesday, January 08, 2002 12:49 PM
> Subject: [Snort-users] How to place Snort machine on the network ?
>
>
> > Hi All,
> >
> > I am new to the Snort stuff. But I have managed to install and test it.
> Its
> > working fine as far as running it is concerned. I set the eth0 LAN
> > connection to PROMISCIUS mode, which is then supposed to capture all
> network
> > traffic.
> >
> > But it is not happening so if you use " snort -v " to display the
traffic
> on
> > your screen.
> >
> > All I could see is the broadcast traffic. Say a packet from 192.168.0.10
> to
> > 192.168.0.255 but machine to machine communication isn't just appearing
> !!!
> > I am connected to the network using a Cisco 2912 switch and have set one
> of
> > its port to Monitoring Port. Now I am not sure if it is properly set as
> > monitoring port or not ... !!!
> >
> > Can someone tell me what is the cause of this problem.
> >
> > Thanks
> >
> > Trek


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users