Results 1 to 2 of 2

Thread: What does it mean when "Snort" runs on a port??

Thread Tools
- Show Printable Version
Display
- Switch to Linear Mode
- Switch to Hybrid Mode
- Threaded Mode

Threaded View

August 13th, 2004, 12:15 AM #2
cheyenne1212

View Profile

View Forum Posts

Visit Homepage
Senior Member

Join Date

Feb 2003

Location

Memphis, TN

Posts

3,747
A IDS system doesn't really run on just a port, it runs on a whole server, usually in front of all your computers before the switch or router.

So it would look like this

WAN Connection --> Snort --> Router/Server ---> Switch

or somethign similiar to that.

Snort or any other IDS listens on all ports and monitors all traffic for the rules you specify it to watch for.

So in other words all the traffic must pass through one box which has the IDS system on it in, before the internet traffic is branched off to the other computers, in order for the IDS to be used effectively.

=
Reply With Quote

Quick Navigation IDS & Scanner Discussions Top

« Previous Thread | Next Thread »

Posting Permissions

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
[VIDEO] code is On
HTML code is Off

Forum Rules

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Thread: What does it mean when "Snort" runs on a port??

Thread Tools

Display

Threaded View

Posting Permissions