On Fri, Dec 16, 2005 at 09:49:55AM GMT, Declan Grady
<Declan.Grady at nuvotem.com> incoherently babbled:
> Hi folks.
> I installed snort on my firewall out of interest, but I'm not sure I've
> configured it correctly.
>> My external IP is xx.xxx.xxx.xx in the following snort report.
>> I'm using debian, and my /etc/snort/snort.debian.conf file has :
If in doubt, use the debconf system to reconfigure snort -
This should be in CIDR notation, so if your internal network is 10.0.0.0
with the subnet mask 255.255.255.0, use use 10.0.0.0/24
> DEBIAN_SNORT_OPTIONS=" -o"
I presume this is the interface to your upstream. If so, it's fine.
So long as you have the system's root alias pointing somewhere, that's
> I have a simple firewall with external on eth1, and internal lan on eth0
> On the internal net I only have some windows PC's (mixture of ME & XP)
> and a linux mailserver
>> I am concerned to see what looks like "strange" traffic from my external IP
>> Pointers please ?
Your sample output looks good. You seem to already have snort configured
+353 (0)87 9194139 | http://www.conall.net
GPG Key: http://www.conall.net/gpg/
collective term for those who use computers. Users are divided
into three types: novice, intermediate and expert.
Novice Users: people who are afraid that simply pressing a key
might break their computer.
Intermediate Users: people who don't know how to fix their
computer after they've just pressed a key that broke it.
Expert Users: people who break other people's computers.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!