Snort mailing list archives
snortsam
From: Ralf Hildebrandt <Ralf.Hildebrandt () charite de>
Date: Wed, 15 May 2002 14:21:00 +0200
Hi! I'm trying out to run snort together with snortsam and the snort-alert plugin. After a painful installation process due to the lousy docs, I now have the follwoing problem: When I start snort, I get: ... Back Orifice detection brute force: DISABLED Using LOCAL time [Alert_FWsam] Connected to mgmt station 127.0.0.1. [Alert_FWsam](CheckIn) Password mismatch! Ignoring mgmt station 127.0.0.1. 1086 Snort rules read... 1086 Option Chains linked into 109 Chain Headers 0 Dynamic rules ... -*> Snort! <*- Version 1.8.7beta1 (Build 117) What the hell is going on? In my snortsam.conf: accept 127.0.0.1/mypassword In my snort.conf: output alert_fwsam: 127.0.0.1:898/mypassword Clearly, those two passwords match. Snort is started like this: /usr/sbin/snort -S HOME_NET=[141.42.0.0/16,193.175.64.0/21,192.168.0.0/16,172.16.0.0/12] -h 141.42.0.0/16,193.175.64.0/21,192.168.0.0/16,172.16.0.0/12 -c /etc/snort/snort.conf -l /var/log/snort -b -d -u snort -g snort -i eth1 -- Ralf Hildebrandt (Im Auftrag des Referat V A) Ralf.Hildebrandt () charite de Charite Campus Virchow-Klinikum Tel. +49 (0)30-450 570-155 Referat V A - Kommunikationsnetze - Fax. +49 (0)30-450 570-916 So unleash your nmap-from-hell and beware, you may tickle an obscure bug in an ancient box hand-built by Seymour Cray himself, the only one of its kind ever made, whose sole user pays the salaries of everyone you ever met in the entire time you worked at the company, with money he makes with an investment strategy hand-coded in assembler for this special machine, by an analytic wizard who has since died. _______________________________________________________________ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: bandwidth () sourceforge net _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snortsam Ralf Hildebrandt (May 15)