Snort mailing list archives
remote logging snort rules question
From: "Rob Burris" <robeb () keepthevibe com>
Date: Sat, 16 Nov 2002 16:31:18 -0700
*This message was transferred with a trial version of CommuniGate(tm) Pro* I'm trying to log packets coming from outside a network and going to a remote machine. alert tcp !0.0.0.0/24 any -> 0.0.0.109 any To start snort I do... snort -d -h 0.0.0.0/24 -l /var/log/snortlog/ -c /usr/local/src/snort/snort-1.9.0/rules/my.rules -s -D I'm not getting any packet logs going to that machine but I do get packet logs from THAT machine to my box. I'm wondering why I am getting packet logs to my machine (that is the only rule I have in my.rules) and how I can configure snort to log packets to that machine that come from outside of my network? ------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- remote logging snort rules question Rob Burris (Nov 18)