Clicky

Hi, I've installed Snort on Centos, and have it running successfully.  Only thing is that in BASE, I don't see any alerts even though I've thrown nmap traffic around the LAN, and even at the snort box itself.  I'm running this in VMWare where the adapter that is in promiscuous mode is mapped to a wireless G card (no choice there).  I'm guessing this configuration is going to be problematic right?  I'm probably going to need a hardwired connection?

Thank you!

asked 11/30/2011 02:11

schnibitz's gravatar image

schnibitz ♦♦


6 Answers:
Yes if you want to see all the traffic on your netwrok you are going to have to use a wired connection and also quite possibly make changes to your switch config.

Read here  http://landetective.com/products/internet-monitor/manual/traffic-analysis.html
link

answered

Neilsr's gravatar image

Neilsr

Exactly the info I needed.
link

answered 2011-11-30 at 23:01:23

schnibitz's gravatar image

schnibitz

If it is EXACTLY the info you needed then why a grade 'C' ? :(
link

answered 2011-12-01 at 07:03:41

Neilsr's gravatar image

Neilsr

Oh crap!  Can I change that?
link

answered 2011-12-01 at 07:28:57

schnibitz's gravatar image

schnibitz

I put in a request to the mods to change it to an A, my apologies.  Been out of it today, just selected the wrong radio button.
link

answered 2011-12-01 at 12:48:32

schnibitz's gravatar image

schnibitz

Thank you very much!
link

answered 2011-12-01 at 12:50:07

schnibitz's gravatar image

schnibitz

Your answer
[hide preview]

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Tags:

Asked: 11/30/2011 02:11

Seen: 254 times

Last updated: 11/30/2011 11:03