User Tools

Site Tools


en:security:network:detection:tools:snort
 
 

Snort

The idea is to add another server, a snort box (IDS) that is actually another central server (yet has no IP address) and copy each packet intended for already existing central servers (if any).

  • Promiscuous mode
  • Rule: Only listen for this IP address on this port (of existing central server)

en/security/network/detection/tools/snort.txt · Last modified: 2020/07/13 06:43 by Digital Dot