Snort mailing list archives
Re: No data on Snort Report.
From: Jeremy Hoel <jthoel () gmail com>
Date: Thu, 15 Mar 2012 15:23:36 +0000
You can setup a rule that fires on any web traffic (port 80). Then also you can turn on basic text/syslog output in the snort.conf. Then you can browse the web and it alert on that rule. in snort.conf output alert_syslog: LOG_LOCAL6 LOG_ALERT and in local.rules alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"HTTP TEST"; sid:999999;) On Thu, Mar 15, 2012 at 3:08 PM, Rick <ttricktt () gmail com> wrote:
Hi Everyone, New to Snort. No data on Snort Report. This is a new install using Ubuntu 11.10 I followed the user guide, Snort 2.9.2 and Snort Report 1.3.3 on Ubuntu 10.04 LTS Installation Guide. The install went good and Snort Report is available on my browser I just don't get any data. eth0 is configured with no IP and connected to a mirrored port, pointing to the LAN side of an ASA5510. etho1 is configured with an IP address connect to the LAN. The switch is a ProCurve 2626. Can anyone give some insight how to test the IDS. Thanks, Rick ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- No data on Snort Report. Rick (Mar 15)
- Re: No data on Snort Report. Jeremy Hoel (Mar 15)
- Re: No data on Snort Report. Rick (Mar 15)
- Re: No data on Snort Report. Jeremy Hoel (Mar 15)
- Re: No data on Snort Report. Nick Moore (Mar 15)