If you have 5 switches on a network how would set up snort on the network? Do you need to put 5 different sensors on each of the spanning ports? or is their a way to set up snort on each of the spaning ports?
Printable View
If you have 5 switches on a network how would set up snort on the network? Do you need to put 5 different sensors on each of the spanning ports? or is their a way to set up snort on each of the spaning ports?
http://www.mcabee.org/lists/snort-us.../msg00262.html
http://www.shmoo.com/mail/ids/oct99/msg00567.html
Hope this helps.
Peace always,
<jdenny>
ISS Security Advisory - Snort v1.8 through 1.9.0 contains a remote root vulnerability in the processing of fragmented RPC traffic. Since fragment sizes are not properly checked against the remaining buffer space, remote attackers can execute arbitrary code as root by sending a packet to any IP in network space a snort sensor is listening to. Successful exploitation does not generate log entries, and non-executable stacks do not offer protection. Homepage: http://xforce.iss.net.