Snort mailing list archives
RE: Traffic flow
From: "RAJNEEL DHOTRE" <rajneel_d () hotmail com>
Date: Wed, 29 Oct 2003 04:13:09 +0000
Yes, that is true, i need to set the mirror port. But why i am not able to see the ICMP traffic and also i am using SSH to connect Snort Server, even that traffic i am not able to see.
Before putting Snort on Production i need to test it on LAN. regards, Rajneel
From: "Lepich, Jesse A Mr GLWACH" <Jesse.Austin.Lepich () us army mil> To: 'RAJNEEL DHOTRE' <rajneel_d () hotmail com> Subject: RE: [Snort-users] Traffic flow Date: Tue, 28 Oct 2003 09:36:10 -0600 MIME-Version: 1.0Received: from dasmthkhn463.amedd.army.mil ([192.138.24.92]) by mc12-f18.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Tue, 28 Oct 2003 07:59:20 -0800 Received: by dasmthkhn463.amedd.army.mil with Internet Mail Service (5.5.2656.59)id <VXVPP8QN>; Tue, 28 Oct 2003 09:36:49 -0600X-Message-Info: JGTYoYF78jEO+VXk3TyS+rZlv2Sx8nS/Message-ID: <109DBBFC212ED5119BED00A0C9EA33180567D6A1 () dasmthgsh666 amedd army mil>X-Mailer: Internet Mail Service (5.5.2656.59) Return-Path: Jesse.Austin.Lepich () us army milX-OriginalArrivalTime: 28 Oct 2003 15:59:20.0597 (UTC) FILETIME=[72E25450:01C39D6C]You'll need to setup a mittored port so that snort can see all the traffic on the switch.... -----Original Message----- From: RAJNEEL DHOTRE [mailto:rajneel_d () hotmail com] Sent: Tuesday, October 28, 2003 2:05 AM To: snort-users () lists sourceforge net Subject: [Snort-users] Traffic flow Hi ,I am new to Snort, need some help. I have installed Snort on Redhat Linux 9.After installation, when I open the Acid page. I cannot see any traffic flowing. TCP, UDP and ICMP are Zero percentage. I have kept a continuous ping from another machine to Snort Server. Snort Console Shows running with PID 1706.Snort server is connected on the Switch, but I have not enabled port mirror.I am using Cisco 2950 switch, is this good for Snort IDS regards, Rajneel Dhotre _____ He's the fastest Indian.He's Narain Karthikeyan. Will he make it to F1? <http://g.msn.com/8HMAENIN/2734??PS=>------------------------------------------------------- This SF.net email issponsored by: The SF.net Donation Program. Do you like what SourceForge.netis doing for the Open Source Community? Make a contribution, and help us addnew features and functionality. Click here: http://sourceforge.net/donate/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_________________________________________________________________Find your first love.Rekindle past joys! http://www.batchmates.com/msn.asp Get in touch with batchmates.
------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Traffic flow RAJNEEL DHOTRE (Oct 28)
- <Possible follow-ups>
- RE: Traffic flow RAJNEEL DHOTRE (Oct 28)