Hi,

I have been using snort successfully on Linux for a while now, and
this weekend I attempted to add some protection to my windows 98
'firewall' running Internet Connection Sharing (I know, I know,
but my USB ADSL modem doesn't work under Linux).

I'm not 100% sure of the details here as win98 networking isn't
my thing, but the interface that seems to get the external ip
is called ICSSHARE. However, starting snort using this interface
results in a message along the lines of:

Using interface ICSSHARE.
Cannot open interface.

Snort stops at this point and the machine often freezes.

snort command line:

snort -c snort.conf -l log\ -i 7

(Apologies for the vagueness, I'm at work atm and doing this
from memory)

Attaching to any other interface results in either snort exiting
or no alerts being logged.

Is snorting an ICS interface possible, or am I in a world of hurt?

TIA,

Andy

PS. I've got a FreeBSD ISO on the way which will hopefully make
all this academic :)

_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]