Snort mailing list archives
Re: Lets talk about ....
From: AllowOverride <allowoverride () gmail com>
Date: Sun, 07 Oct 2012 16:42:37 -0700
1. here is stdout after starting snort: see attached: anything wrong there? still not logging, after correcting 2. in console mode - i see ping traffic from remote host pinging snort server 3. also flowbits? this is not running Inline, ill read more about that later, when i have 2nd nic. 4. -G -S are defined in barnyard2.conf. - see attached 5. Reputation config: WARNING: Can't find any whitelist/blacklist entries. Reputation Preprocessor disabled. what is the syntax in the snort.conf file... howtos are pissing me off.... I have: whitelist $WHITE_LIST_PATH/white_list.rules, \ blacklist $BLACK_LIST_PATH/black_list.rules 6. I found the problem i believe, snort.u2 vs snort.log defined in snort.conf.... good grief... made filename snort looks for as snort.log, there were no warnings in syslog nor snort stdout in console mode... 7. lastly, i dont have a 2nd nic. where would i define that, and if not defined, will it cause issues? thanks pete appreciated...
--- Begin Message --- From: Peter Bates <peter.bates () ucl ac uk>
Date: Sun, 7 Oct 2012 23:19:54 +0100
<<< text/html: EXCLUDED >>>
--- End Message ---
Attachment:
snort-stdout1.txt
Description:
Attachment:
snort-etc-confs.tar
Description:
------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Lets talk about .... PR (Oct 06)
- Re: Lets talk about .... Peter Bates (Oct 07)
- Re: Lets talk about .... AllowOverride (Oct 07)
- Re: Lets talk about .... AllowOverride (Oct 07)
- Re: Lets talk about .... Peter Bates (Oct 07)
- Re: Lets talk about .... AllowOverride (Oct 08)
- Re: Lets talk about .... Peter Bates (Oct 08)
- Re: Lets talk about .... AllowOverride (Oct 08)
- Re: Lets talk about .... Peter Bates (Oct 09)
- Re: Lets talk about .... AllowOverride (Oct 09)
- Re: Lets talk about .... Jeremy Hoel (Oct 09)
- Re: Lets talk about .... AllowOverride (Oct 09)
- Message not available
- Re: Lets talk about .... Peter Bates (Oct 09)
- Re: Lets talk about .... AllowOverride (Oct 09)
- Re: Lets talk about .... Peter Bates (Oct 07)
- Re: Lets talk about .... AllowOverride (Oct 09)
- Re: Lets talk about .... AllowOverride (Oct 09)