Snort mailing list archives
Snort Logging IP's but isn't Creating the Alert File
From: "Palula Brasil" <palula () uol com br>
Date: Wed, 12 Apr 2006 22:06:01 -0300
Hey everybody! I've been using Snort as a single box IDS (HIDS). I found a new box and am preparing it to be a NIDS. Anyway... Here is the line which I've been working with: /usr/sbin/snort -D -A full -N -i eth0 -p -l /folder/subfolder/ -h x.x.x.x/x -D to work as Daemon -A full to generate full alerts -N for it not o log folders with machine IP's (I just want the alerts) -i eth0 to watch on my eth0 interface -p for the interface to act non promiscuous -l to log to this folder -h to designate a home network But this generates no alerts. I personally went to a security testing site and issued a portscan on my machine, beside doing a portscan from work and nothing has been alerted. What am I doing wrong? Thanks a lot!
Current thread:
- Snort Logging IP's but isn't Creating the Alert File Palula Brasil (Apr 12)
- <Possible follow-ups>
- Re: Snort Logging IP's but isn't Creating the Alert File H3XX (Apr 12)