arpwatch and snort help
From: Jason Benway (benwayj_at_nospam.ghsp.com.removethis)
Date: 12/20/04
- Next message: Kunael: "Re: Ethereal"
- Previous message: l0n3_w012ph: "Ethereal"
- Next in thread: prg: "Re: arpwatch and snort help"
- Reply: prg: "Re: arpwatch and snort help"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 20 Dec 2004 10:19:54 -0500
I setup my first linux box last week.
Its running Fedora core 3.
When I set it up I only had 1 NIC. it is on our main subnet.
I installed a second NIC and I was able to get it working. I've setup the
second nic on a mirroreds switch port so it can see traffice on 4 of our
VLANS (each VLAN is on a different subnet)
I would like to setup arpwatch to only use the second NIC and for it to
alert me to traffic on all VLANs.
I've seen the -n switch for arpwatch, but how do I use that when arpwatch is
running as a service?
How do I use the -n switch when the subnets are not together (example:
10.0.0.1,192.168.1.1,192.168.42.1)
I would also like to setup snort to only listen on the second NIC
Thank you
jb
- Next message: Kunael: "Re: Ethereal"
- Previous message: l0n3_w012ph: "Ethereal"
- Next in thread: prg: "Re: arpwatch and snort help"
- Reply: prg: "Re: arpwatch and snort help"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
