Snort mailing list archives
New member, 3 quick questions
From: r s <wera711 () gmail com>
Date: Sun, 5 Jul 2009 19:30:44 -0400
Hi, New to snort and I just instaleld 2.8.2.2 on my BSD box. I have read a lot of documentation over the past 2 days and had a few quick questions: 1. what is the most common way to run snort? I have been running it as such: ./snort -de -h 192.168.3.0/24 -c /usr/ports/security/snort/work/snort-2.8.2.2/etc/snort.conf I normally keep a separate session open with a tail -f /var/log/snort/alert Is there a better way to do this? I have heard you can run snort as a daemon so that it runs in the background. If I do it this way, will it still continue to run if I close the session? Do I simply append a "-D" at the end of my command line to run it in the background? 2. What do dynamic modules do? Just a quick definition is what I'm looking for. 3. Preprocessors: Are they used to expand upon snort and do in depth inspection that the regular rules cannot do? They are used alongside the regular rules? Thank you
------------------------------------------------------------------------------
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- New member, 3 quick questions r s (Jul 05)
- Re: New member, 3 quick questions Paul Melson (Jul 05)
- Re: New member, 3 quick questions Joel Esler (Jul 06)
- Re: New member, 3 quick questions Paul Melson (Jul 05)