LJ Archive

Listing 3. /etc/snort/snort.conf for a Stealth Logger

var EXTERNAL_NET any

config dump_payload
config dump_chars_only
config logdir: /var/log/snort

preprocessor frag2

log udp 192.168.1.20/32 any -> 192.168.1.111/32 514
(logto:"logged-packets";)
Archive Index Issue Table of Contents Article
LJ Archive
Copyright © 1994 - 2018 Linux Journal. All rights reserved.