Snort mailing list archives
A little confused.
From: "Leandro Asnaghi-Nicastro" <leandro () capnasty org>
Date: Fri, 15 Jun 2001 17:37:16 -0400
Howdy. Forgive me for being this stupid, I guess I just ain't bright.

I installed Snort (thanks again to everyone for their help) and it works. Now, since I installed LogCheck, I wanted Snort to throw the logs out to syslog instead of the directories. This would allow me to receive hourly reports on what Snort found.

So this is what I have come up with (as far as I understand) for the command line:

    /usr/local/bin/snort -c /etc/snort.conf -s -N -D

So:

    -c  loads snort.conf
    -s  Log alerts sent to syslog
    -N  Turn off logging (I'm assuming this is in the directories? I don't want it writing in the directories, just say what's up in the syslog)
    -D  daemon

Is that it?

Also, inside /etc/snort.conf

Does the entry of an IP number have to appear as:

    var DNS_SERVERS [10.80.1.3]

Or?

    var DNS_SERVERS 10.80.1.3

Again, sorry. Thank you again for your time.

___
leandro asnaghi-nicastro - editor in chief
capital of nasty - http://www.capnasty.org
leandro () capnasty org - icq uin: 889318

Prayer does not change God, but changes him who prays.
-- Kierkegaard (1813-1855)