Snort mailing list archives
RE: snort running as daemon while sysloging
From: "Harper, Patrick" <patrick.harper () phns com>
Date: Fri, 23 Jul 2004 17:55:24 -0500
Make the changes in your snort.conf file and use the S99snort file that comes with the RPM and or source to start it. Make sure you edit the S99snort (you will have to change the path to the snort binary and the snort.conf file) and give it +x. This is the way I have done it before? Patrick S. Harper | CISSP RHCT MCSE Information Security Engineer patrick.harper () phns com -----Original Message----- From: nanocurie [mailto:nanocurie () comcast net] Sent: Friday, July 23, 2004 4:43 PM To: snort-users Subject: [Snort-users] snort running as daemon while sysloging Hello all, I want snort to start at boot as a daemon on Fedora Core 2 (redhat). I want it to log its alerts in /var/log/snort/ (which already exists) in syslog format. I've pieced this together from what I've found on the net... /usr/local/bin/snort -l /var/log/snort -D -h xxx.xxx.xxx.xxx/xxx -c /usr/local/snort/etc/snort.conf I look in /var/log/snort/ and nothings happening. Although, I've found somethings in /var/log/messages, regarding snort's initialization but not much else. This snort.conf file is stock, and for the most part, unchanged from the initial install. I've google'd and I've read through the man's. Am I going in the right direction? Any suggestions? thanks ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Disclaimer: This electronic message, including any attachments, is confidential and intended solely for use of the intended recipient(s). This message may contain information that is privileged or otherwise protected from disclosure by applicable law. Any unauthorized disclosure, dissemination, use or reproduction is strictly prohibited. If you have received this message in error, please delete it and notify the sender immediately. ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_idG21&alloc_id040&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort running as daemon while sysloging nanocurie (Jul 23)
- Re: snort running as daemon while sysloging sekure (Jul 24)
- Help for dropping packet bonnie buwono (Jul 24)
- <Possible follow-ups>
- RE: snort running as daemon while sysloging Harper, Patrick (Jul 23)
- Re: snort running as daemon while sysloging sekure (Jul 24)