Snort mailing list archives
General snort problem
From: "V." <debian22 () yahoo fr>
Date: Mon, 27 Aug 2001 18:52:28 +0200 (CEST)
Hi, I have a box with Snort running on Solaris 8 (sparc). Snort is running for a few weeks and it seems that it cannot "see" everything on the network. Most of the log entries are ICMP related: Time-To-Live Exceeded in Transit, Unknow type... but nothing else ! When I try to run a nmap scan against the box or on the network, snort did not see it ! I have tried with Snort 1.7 and Snort 1.8 (1.8.1 too). I am using the following parameters: snort -Ddo -i hme0 -l /var/log/snort -c /var/snort/snort.conf I think the problem come from the snort installation. When, I did compile Snort locally, it worked correctly but now, I am trying to compile it on an other box and copy the binaries on the IDS box. I copied the following files: - libfl.a and libpcap.a -> libpcap - snort main binary and snort rules files Any idea on which files I am missing ? Any suggestions to solve this problem ? THanks. Vi. ___________________________________________________________ Do You Yahoo!? -- Un e-mail gratuit @yahoo.fr ! Yahoo! Courrier : http://fr.mail.yahoo.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- General snort problem V. (Aug 27)
- <Possible follow-ups>
- Re: General snort problem V. (Aug 27)