我在 Windows 上运行 snort 来嗅探单个界面。我想用 snort 嗅探两个接口,我了解到我为不同的接口触发了两次相同的命令。
现在我想将它作为服务运行,我使用了这个命令`
c:\snort\bin\snort.exe /SERVICE /INSTALL -i 1 -lc:\snort\log -cc:\snort\etc\snort.conf
这将为 Snort 创建一个服务。那么,如何将 snort 作为多个接口的服务运行呢?
任何帮助将不胜感激。
问问题
1018 次
1 回答
0
I'm not all that familiar with Snort on windows, but if you're able to do it, it should work similar to Linux. You would have to bridge the interfaces (windows 7 steps) and use the bridge with the -i. If you bridge your 2 interfaces and then run "snort -W" and see the bridge show up, you should just be able to use that to sniff on both interfaces. I have never tested this though, but in theory it should work.
于 2014-10-22T03:04:20.173 回答