Snort mailing list archives
Re: No alerts attacking with nmap
From: Joel Esler <joel.esler () sourcefire com>
Date: Wed, 28 Mar 2007 08:58:04 -0400
Read the snort.conf and the Snort manual. Both of these will help you tune Snort. It's the best advice for a new starter.
J +---------------------------------------------------------------------+ Joel Esler Security Consultant gpg key: http://demo.sourcefire.com/jesler.pgp.key +---------------------------------------------------------------------+ On Mar 28, 2007, at 4:19 AM, Josep Pujadas i Jubany wrote:
Hello! I have trouble adjusting my snort.conf ...I attacked the snort sensor from another machine on my LAN, using nmap, andany alert is showed. snort is working (I have some UDP and ICMP alerts) ... I'm running it on a FreeBSD 6.2 machine: # pkg_info | grep snort oinkmaster-2.0 Help you update your snort rules after each update snort-2.6.1.3 Lightweight network intrusion detection system Any idea for my problem ? Where can I find good examples for configuring/adjusting snort.conf ? Thanks in advance, Josep Pujadas---------------------------------------------------------------------- ---Take Surveys. Earn Cash. Influence the Future of ITJoin SourceForge.net's Techsay panel and you'll get the chance to share youropinions on IT & business topics through brief surveys-and earn cashhttp://www.techsay.com/default.php? page=join.php&p=sourceforge&CID=DEVDEV_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- No alerts attacking with nmap Josep Pujadas i Jubany (Mar 28)
- Re: No alerts attacking with nmap Joel Esler (Mar 28)
- <Possible follow-ups>
- Fwd: No alerts attacking with nmap Joel Esler (Mar 28)