snort-users May 2009 archive
Main Archive Page > Month Archives  > snort-users archives
snort-users: Re: [Snort-users] whether wireshark can be integrat

Re: [Snort-users] whether wireshark can be integrated with snort??

From: Joel Esler <jesler_at_nospam>
Date: Tue May 19 2009 - 16:27:37 GMT
To: Sadanand Ghagare <sadanandgh@gmail.com>


If your machine can handle it, you can run Snort sniffing directly on the same interface that wireshark is listening. You'll get much better performance out of Snort.

J

On Tue, May 19, 2009 at 12:01 PM, Sadanand Ghagare <sadanandgh@gmail.com>wrote:

> Hi
>
> We are in process to implement snort as network sensor in our network. But
> problem here is, we already have wireshark machine connected to monitoring
> port of switch and we don't want to disturb existing setup.
> So whether it is possible to integrate snort with wireshark so that snort
> can analyze the packets captured by wireshark as per snort rule base.
> If yes, how to configure it.
> I hope I am up to the point for my requirements.
>
> --
>
>
> Thanks & Regards
>
> Sadanand G.
>
>
> ------------------------------------------------------------------------------
> Crystal Reports - New Free Runtime and 30 Day Trial
> Check out the new simplified licensing option that enables
> unlimited royalty-free distribution of the report engine
> for externally facing server and web deployment.
> http://p.sf.net/sfu/businessobjects
> _______________________________________________
> Snort-users mailing list
> Snort-users@lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
-- joel esler | Sourcefire | gtalk: jesler@sourcefire.com | 302-223-5974

------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects

_______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users