Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort Newbie

From: Darrin Powell <dpowell () lssi net>
Date: Thu, 14 Jun 2001 16:51:33 -0400

 I am setting up snort on my Linux 7.0 box. I have it where I can run it and 
send the reports to /var/log/snort/*ip* . All that ends up in these logs are 
the hex dumps. I was expecting 

Oct 24 10:38:00 host22-107 snort:spp_portscan:PORTSCAN DETECTED from *ip* 
(STEALTH)

How do I get outputs like this?

A few more questions

Does snort take up a lot of CPU usage?
Does snort have to be ran as root?
Is there any known security holes with snort?



Thanks in advance

Darrin

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: