configuring snort

Kernels & Hardware, configuring network, installing services

configuring snort

Postby viniosity » 2004-09-26 03:40

I'm installing snort on a debian/sarge system and after it installed it asked me to "Please enter the address range that Snort will listen to"

It defaults to this is a form (I guess called CIDR) that I've never seen before.. Can anyone help me with the answer.. my network is a range and I'm not interested in detecting intrusion from within the network.

User avatar
Posts: 46
Joined: 2004-09-15 04:39
Location: DC

Postby lacek » 2004-09-27 09:30

You can specify your IP when setting up snort using this form:
You need to edit /etc/snort/snort.conf anyway, to set up the network segment which doesn't generate alerts, for example.
Set the HOME_NET variable to to rule out your internam net.

FYI, this kind of form of giving the network address is used to specify the networks the following way:
The first part is the IP address. The second (after the '/') is the netmask. The number in the second field equals the ones in the netmask from left to right, when the mask is represented as a binary number.
Moderator Team Member
Posts: 769
Joined: 2004-03-11 18:49
Location: Budapest, Hungary

Return to System configuration

Who is online

Users browsing this forum: No registered users and 14 guests