Snort mailing list archives
Re: ICMP AND UDP
From: Joel Esler <joel.esler () sourcefire com>
Date: Sat, 20 Jan 2007 11:33:40 -0500
Snort will analyze all traffic by default. Do you have any udp and icmp traffic that could be triggering rules? Are you using Snort as a packet logger or and IDS? Do you have udp and icmp rules turned on? What is your Snort command line look like? Joel On Sat, Jan 20, 2007 at 04:22:26PM +0300, it looks like Sunil Kumar sent me:
Dear all, I was looking for how to log ICMP and UDP traffic on my Redhat SNORT. I am able see only TCP logs not ICMP AND UDP. If anyone know please post the procedure and configuration how to log ICMP and UDP packets on my SNORT IDS. Thanks Sunil
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
+---------------------------------------------------------------------+ joel esler senior security consultant 1-706-627-2101 gpg key: http://demo.sourcefire.com/jesler.pgp.key +---------------------------------------------------------------------+ ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- ICMP AND UDP Sunil Kumar (Jan 20)
- Re: ICMP AND UDP Joel Esler (Jan 20)
- Re: ICMP AND UDP Joel Esler (Jan 20)
- Re: ICMP AND UDP Sunil Kumar (Jan 20)
- Re: ICMP AND UDP Joel Esler (Jan 20)
- Re: ICMP AND UDP Joel Esler (Jan 20)