Snort mailing list archives
RE: Snort & Snot
From: "Ronneil Camara" <ronneilc () remingtonltd com>
Date: Tue, 22 Jan 2002 11:08:26 -0600
-> -----Original Message----- -> From: bluz [mailto:bluz () digitaldilemma com] -> Sent: Tuesday, January 22, 2002 10:43 AM -> To: snort-users () lists sourceforge net -> Subject: [Snort-users] Snort & Snot -> -> -> Hi, -> -> I'm sorry if this question has come up before, but I'm new -> to the list -> and couldn't find any mention of this in the archives.... -> -> I've been running SNORT 1.83 for a while and it seems to be working -> fine. I just installed SNOT 0.92a and have run multiple RULE files -> against SNORT... -> -> The problem is, only a small percentage of SNOT generated attacks is -> reported by SNORT on the attacked system. I'm not sure if -> the problem -> is SNORT or SNOT. First question is, is your sensor connected to a switch? Second is, if so, is the port where you sensor is connected configured as a monitoring port? Third is, your $home_net. Check it out. Fourth is, you might be using -z est param. Hope this helps... neil _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Snort & Snot Garbrecht, Frederic (Jan 22)
- <Possible follow-ups>
- RE: Snort & Snot Ronneil Camara (Jan 22)