[GLLUG] snort and dual NIC monitoring
Stanley C. Mortel
mortel at cyber-nos.com
Mon May 3 17:20:05 EDT 2010
Has anyone got enough experience configuring snort to know if it can be
set to monitor traffic on two NICs at once? What I am looking at is
using a passive network tap without aggregation, thus feeding the
inbound and outbound traffic to a box with two NICs installed using
properly wired unidirectional sniffing cables. Doesn't seem like you'd
need two snort boxes to watch both Rx and Tx traffic going over a wire.
Anyway, I've not had much luck googling this. So before I spent much
more time on it, I thought I'd ask here.
Thanks.
Stan
More information about the linux-user
mailing list