Snort mailing list archives
Re: FW: about snort crond problem
From: "Yavuzhan Canli" <ycanli () tekfen com tr>
Date: Wed, 17 Jan 2007 09:37:17 +0200
snort version : 2.6.1.1 -------------------------------------------- crontab rules : SHELL=/bin/bash PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root HOME=/ # run-parts 01 * * * * root run-parts /etc/cron.hourly 02 4 * * * root run-parts /etc/cron.daily 22 4 * * 0 root run-parts /etc/cron.weekly 42 4 1 * * root run-parts /etc/cron.monthly ------------------------------------------- cmd line : /usr/local/bin/snort -i eth0 -c /etc/snort/snort.conf ------------------------------------------- snort.conf file attached -------------------------------------------- Thank you very much.. Yavuzhan -----Original Message----- From: rmkml [mailto:rmkml () free fr] Sent: Wednesday, January 17, 2007 8:55 AM To: Yavuzhan Canly Subject: Re: [Snort-users] FW: about snort crond problem Hi Yavuzhan, please send more information, snort version ? crontab rules ? snort cmd line ? snort.conf ? Regards Rmkml On Wed, 17 Jan 2007, Yavuzhan Canl? wrote:
Date: Wed, 17 Jan 2007 08:48:00 +0200 From: "[iso-8859-9] Yavuzhan Canl?" <ycanli () tekfen com tr> To: Snort-users () lists sourceforge net Subject: [Snort-users] FW: about snort crond problem hi to all, I have met with following problem that you can see below. Snort service alwas stopping per 1 hour and I could start it manually. Can anyone have
met
same problem ? I would be appreciated. Thank You. ------------------------------------------------------------------ Jan 15 13:44:45 snort snort[16580]: Not Using PCAP_FRAMES Jan 15 13:55:21 snort snort[16580]: WARNING => [Alert_FWsam] Did not
receive
response from host 10.10.1.50. Will try again later. Jan 15 14:01:01 snort crond(pam_unix)[16587]: session opened for user root by (uid=0) Jan 15 14:01:01 snort crond(pam_unix)[16587]: session closed for user root Jan 15 14:15:28 snort snort[16580]: INFO => [Alert_FWsam] Had to use
initial
key! Jan 15 14:15:28 snort snort[16580]: INFO => [Alert_FWsam](FWsamCheckIn) Connected to host 10.10.1.50. Jan 15 14:30:05 snort kernel: device eth0 left promiscuous mode Jan 15 15:01:01 snort crond(pam_unix)[16595]: session opened for user root by (uid=0) Jan 15 15:01:01 snort crond(pam_unix)[16595]: session closed for user root Yavuzhan Canl? -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.410 / Virus Database: 268.16.10/626 - Release Date:
14.01.2007
-- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.410 / Virus Database: 268.16.12/630 - Release Date:
15.01.2007
-- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.410 / Virus Database: 268.16.12/630 - Release Date: 15.01.2007 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.410 / Virus Database: 268.16.13/632 - Release Date: 16.01.2007
Attachment:
snort.conf.txt
Description:
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- FW: about snort crond problem Yavuzhan Canlı (Jan 16)
- <Possible follow-ups>
- Re: FW: about snort crond problem Yavuzhan Canli (Jan 16)