Snort mailing list archives

RE: Linux Newb:No Alert Logging


From: "Harper, Patrick" <patrick.harper () phns com>
Date: Thu, 3 Jun 2004 11:45:45 -0500

Are you on a switch?

What are you scanning with?

Is there anything in /var/log/snort/alert?

Download http://www.cerberus-infosec.co.uk/CIS-5.0.02.zip and run a
scan on the IP of the snort box.  It will send a lot of alerts to you.
 
If you are on a switch then you will only see traffic headed for that
port so you will have to set a span (monitor) port or scan that port.
 
 
  _____  

From: Shaun Gray [mailto:SGray () medford k12 nj us] 
Sent: Thursday, June 03, 2004 8:33 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Linux Newb:No Alert Logging



Hi Guys,

No matter what I do snort seems to not alert to the MySQL DB or the
alert log location.  The output of "snort -c /etc/snort/snort.conf" is
attached.  I am using version 2.1.3 now as I thought an upgrade may have
done the trick.  I can't figure this one out at all.  I scan the server
to produce alerts and still do not get any.  I have also attached a "snort
-v" output file.  Maybe I should use a M$ platform.

Thanks,

Lost in need of help 




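Added example, not part of either message above: a way to answer the "are you on a switch?" question from a `snort -v` capture by counting how many packets involve neither the sensor nor a broadcast/multicast address. The function names, the sample capture and the addresses are constructed for illustration; it assumes IPv4 and the plain `snort -v` header line (no `-e` link-layer fields).

```python
import re
from ipaddress import ip_address, ip_network

# Header line printed by `snort -v`: "MM/DD-HH:MM:SS.usec src[:port] -> dst[:port]"
HEADER = re.compile(r"^\d\d/\d\d-\d\d:\d\d:\d\d\.\d+ "
                    r"(\d+\.\d+\.\d+\.\d+)(?::\d+)? -> (\d+\.\d+\.\d+\.\d+)(?::\d+)?$")

# Constructed sample capture (not from the thread's attachment).
SAMPLE = """\
06/03-08:31:02.114520 10.0.0.7:1042 -> 10.0.0.20:80
TCP TTL:64 TOS:0x0 ID:4821 IpLen:20 DgmLen:60 DF
06/03-08:31:02.114733 10.0.0.20:80 -> 10.0.0.7:1042
06/03-08:31:03.002118 10.0.0.9:138 -> 10.0.0.255:138
06/03-08:31:04.551209 10.0.0.7 -> 10.0.0.20
"""

def visibility(snort_v_text, sensor_ip, subnet):
    """Classify each packet header by what it says about the sensor's view."""
    sensor, net = ip_address(sensor_ip), ip_network(subnet)
    broadcast = {net.broadcast_address, ip_address("255.255.255.255")}
    counts = {"own": 0, "broadcast_multicast": 0, "third_party": 0}
    for line in snort_v_text.splitlines():
        m = HEADER.match(line.strip())
        if not m:
            continue  # protocol detail lines, payload dumps, blank lines
        src, dst = ip_address(m.group(1)), ip_address(m.group(2))
        if dst in broadcast or dst.is_multicast:
            counts["broadcast_multicast"] += 1
        elif sensor in (src, dst):
            counts["own"] += 1
        else:
            counts["third_party"] += 1  # unicast between two other hosts
    return counts

def diagnose(counts):
    """Turn the counts into the troubleshooting hint from the reply."""
    if sum(counts.values()) == 0:
        return "no packets: check the interface snort is listening on"
    if counts["third_party"] == 0:
        return "only own/broadcast traffic: likely an unmirrored switch port"
    return "third-party unicast seen: port is mirrored (SPAN) or on a hub"

if __name__ == "__main__":
    result = visibility(SAMPLE, "10.0.0.20", "10.0.0.0/24")
    print(result, "->", diagnose(result))
```

A handful of third-party packets can still appear on an unmirrored port while the switch is learning addresses, so judge by the proportion over a longer capture.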


