Snort mailing list archives
FW: Help!!!
From: <support () nps-dc org>
Date: Fri, 1 Aug 2003 23:07:44 -0400
don't know if anyone has gotten to you yet- are you on a switched network? is your eth card in promiscuous mode? (libpcap ??) Fernando -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Brandon Hanks Sent: Friday, August 01, 2003 3:32 PM To: snort-users () lists sourceforge net Subject: [Snort-users] Help!!! I used Patrick S. Harper's install guide, <http://www.snort.org/docs/snort_acid_rh9.pdf> Snort, Apache, PHP, MySQL, ACID on Redhat 9.0 Installation Guide , without any problems. Here is my problem: When I perform a Nessus audit on a machine on my local network, Snort does not log any intrusion detection activity. But, when I direct the Nessus audit directly at the box running Snort, the log files are generated and can be viewed using Acid. In my snort.conf file, I defined my local network as 192.168.0.0/24, which covers a small windows environment. BTW, using Snort 2.0. The Snort box is located on my local network at 192.168.0.198. Why does it not register,log, or recognize attacks directed at machines within its local network? Any help will be greatly appreciated...Thanks
Current thread:
- Help!!! Brandon Hanks (Aug 01)
- Re: Help!!! Patrick S. Harper - CISSP (Aug 01)
- RE: Help!!! Tom H (Aug 01)
- <Possible follow-ups>
- RE: Help!!! Schmehl, Paul L (Aug 01)
- FW: Help!!! support (Aug 01)
- FW: Help!!! support (Aug 02)
- Help!!! henrique de lima arabe - PDBL/uoi (Aug 25)
- Re: Help!!! Matt Kettler (Aug 25)
- Re: Help!!! Erek Adams (Aug 25)
- Re: Help!!! Edin Dizdarevic (Aug 26)
- RE: Help!!! David (Aug 25)