Snort mailing list archives

Previous By Date Next
Previous By Thread Next

running snort

From: Zachary Uram <yoda () orion netrek org>
Date: 23 Oct 2002 22:19:37 -0400
When I installed snort (as a Debian package), the config asked me how I
wanted to run it. I said to run it when I connect online (I run PPP over
dial up so I'm not always online). So I see when online I see this
process running:

snort    15188  0.0  5.2 51748 6680 ?        S    21:53   0:00
/usr/sbin/snort -D -S HOME_NET=209.166.149.242/32 -h 209.166.149.242/32
-c /etc/snort/snort.conf -l /var/log/snort/ -b -d -u snort -g snort -i
ppp0 -p -o

Now my question is how could I run snort interactively? Do I have to do
"/etc/init.d/snort stop" and then run snort from command line to do
this?

Also is there any way I can have snort alert me when there is a Priority
1 alert logged? Ideally it would mail root the relevent alert as well as
do something in X to get my attention a la xbiff - flashing icon and
sound ideally.

Zach




-------------------------------------------------------
This sf.net email is sponsored by: Influence the future 
of Java(TM) technology. Join the Java Community 
Process(SM) (JCP(SM)) program now. 
http://ads.sourceforge.net/cgi-bin/redirect.pl?sunm0002en

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: