Snort mailing list archives
consult some questions about snort
From: fan wu <conjurer1981 () yahoo com cn>
Date: Sun, 15 Oct 2006 18:44:37 +0800 (CST)
I have configured a snort system (snort 2.4.5)on my computer for debian system. Now I am using it and I have some questions.I want to consult them. 1st: in debug.h,there is a macro definition #define DebugMessage DebugMessageFile = __FILE__; DebugMessageLine = __LINE__; DebugMessageFunc what does that mean? 2nd: in the snort.conf ,I set the output alert_unified file and output log_unified file to be snort.alert and snort.log.I am surprised that the content in these files are odd characters,which I can't read. Do the packets' content first encrypted then stored in these files? 3rd: what does the time window stand for?I guess it means the used time today.Am I right? 4th: in the snort.conf,I set the HOME_NET localhost,but many other IPs appears.These IPs are in the same B-type net. I am looking for reply, thanks. --------------------------------- Mp3疯狂搜-新歌热歌高速下
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- consult some questions about snort fan wu (Oct 15)