Snort mailing list archives

Re: Not Picking up Much WHY "I am pulling out my hair"


From: Patrick Harper <lists () internetsecurityguru com>
Date: 12 Oct 2003 18:41:00 -0700

Do you have any filters set up? If Snort is behind your firewall, it will
only see what makes it through.


On Sun, 2003-10-12 at 17:23, Elijah Savage wrote:
I have set up Snort 2.0 and Barnyard 0.1.0 on my ADSL link on my firewall.
It is logging to a MySQL database on a different machine which is
running ACID, but the only thing I seem to be picking up is ICMP stuff. I
have turned on all the rules. As a drastic measure, from the inside I
went and visited some pr0n sites and it was not picked up. I am
monitoring the outside interface on the firewall, fxp0. I am at a loss. I
have essentially left everything at the default except for the home net
and uncommenting all the rules, trying to make sure everything is
working. I know my config files are large and can be cut down and tuned,
but I just want to get it working first. In ACID I got 100% ICMP traffic
and 0% TCP, 0% UDP. If anyone can help me understand what I might be doing
wrong, it would be greatly appreciated. This is how I start Snort and
Barnyard.



