On Fri, Dec 16, 2005 at 01:06:09PM GMT, Declan Grady
<Declan.Grady at nuvotem.com> incoherently babbled:
> This is the bit I'm lost in ... my local lan is 192.168.0.xxx , my
> external fixed ip address is yyy.yyy.yyy.yyy
> Which should I use as my DEBIAN_SNORT_HOME_NET
You declare the home network to tell snort not to flag internal traffic
as suspicious.
Since your local lan is 192.168.0.xxx, you can say 192.168.0.0/24. You
don't need to add your external IP to the list, how often will traffic
from your external IP number to going to your external IP number?
Your server is doing the NAT process for you I suspect. Since it's
aware of your internal network, snort isn't performing of the other
side of your NAT setup.
--
Conall O'Brien
+353 (0)87 9194139 | http://www.conall.net
GPG Key: http://www.conall.net/gpg/
Program (n.):
1. A magic spell cast over a computer allowing it to turn one's
input into error messages.
2. An exercise in experimental epistemology.
3. A form of art, ostensibly intended for the instruction of
computers, which is nevertheless almost inevitably a failure if
other programmers can't understand it.
Eric S. Raymond - The Jargon File
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
