| To: | erlug@xxxxxxxxxxxxxx |
|---|---|
| Subject: | Re: [Erlug] ... sgrunt, sbuff, snort ... |
| From: | Marco Innocenti <dot0037@xxxxxxxxxxxxxxxxxxx> |
| Date: | Fri, 1 Mar 2002 18:04:51 +0100 |
On Mar 01, -=Fen0x=- <fenox@xxxxxxxxx> wrote: > From: -=Fen0x=- <fenox@xxxxxxxxx> > To: erlug@xxxxxxxxxxxxxx > Subject: Re: [Erlug] ... sgrunt, sbuff, snort ... > X-BeenThere: erlug@xxxxxxxxxxxxxx > X-Mailman-Version: 2.0.6 > Reply-To: erlug@xxxxxxxxxxxxxx > List-Help: <mailto:erlug-request@xxxxxxxxxxxxxx?subject=help> > List-Post: <mailto:erlug@xxxxxxxxxxxxxx> > List-Subscribe: <http://mail.erlug.linux.it/cgi-bin/mailman/listinfo/erlug>, > <mailto:erlug-request@xxxxxxxxxxxxxx?subject=subscribe> > List-Id: ERlug - Lista Pubblica <erlug.erlug.linux.it> > List-Unsubscribe: <http://mail.erlug.linux.it/cgi-bin/mailman/listinfo/erlug>, > <mailto:erlug-request@xxxxxxxxxxxxxx?subject=unsubscribe> > List-Archive: <http://mail.erlug.linux.it/cgi-bin/mailman/private/erlug/> > X-UIDL: c414984c56db45f34c831335df019a43 > > On Fri, Mar 01, 2002 at 05:07:25PM +0100, Marco Innocenti wrote: > > > > var HOME_NET [192.168.0.0/24] > > > > Qui gli hai detto di loggare solo i tentativi di scan verso > > 192.168.0.0 netmask 255.255.255.0. Sicuro di voler vedere > > attacchi verso questi range di ip (e non magari verso quelli > > pubblici). > > ... uhm ... > ... cito dal commento in snort.conf poche righe sopra ... > > ################################################### > # Step #1: Set the network variables: > # > # You must change the following variables to reflect > # your local network. The variable is currently > # setup for an RFC 1918 address space. > # > # You can specify it explicitly as: > # > # var HOME_NET 10.1.1.0/24 > > ... imho quella variabile si riferisce al network *locale* e non al > range di ip dal quale dovrebbero provenire gli attacchi ... > ... o sbaglio ? ... Snort logga solo gli attacchi diretti verso gli ip in HOME_NET. -- Ciao Marco Innocenti |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [Erlug] script di buffy, Maurizio Lemmo - Tannoiser |
|---|---|
| Next by Date: | [Erlug] DHCP, Francesco Rabbi |
| Previous by Thread: | Re: [Erlug] ... sgrunt, sbuff, snort ..., -=Fen0x=- |
| Next by Thread: | Re: [Erlug] ... sgrunt, sbuff, snort ..., -=Fen0x=- |
| Indexes: | [Date] [Thread] [Top] [All Lists] |