Snort mailing list archives
Re: Snort 2.9.4.5 rules using pp
From: Y M <snort () outlook com>
Date: Mon, 22 Apr 2013 19:07:03 +0300
If you run snort with -A console or -A cmg, do you see any alerts on the console?

Also run tcpdump against the interface you are listening from, simply:

    tcpdump -i ethX -v

Do you see any traffic? Replace ethX with your interface.

________________________________
From: Ashraf Ali<mailto:ashrafali.ibs () gmail com>
Sent: 4/22/2013 3:37 PM
To: snort-users () lists sourceforge net<mailto:snort-users () lists sourceforge net>
Subject: [Snort-users] Snort 2.9.4.5 rules using pp

Hi All,

Recently I deployed Snort on Ubuntu 12.04 using Autosnort. During the installation PP asked for an Oinkcode; as I am a registered user, I provided it.

After completion of the installation, I have seen that the snort and barnyard2 services are running in daemon mode, and in the /var/log/snort folder a file named snort.u2.1366**** is also created, but it is empty (0 bytes).

-rw-r--r-- 1 snort snort 2056 Apr 22 17:54 barnyard2.waldo
*-rw------- 1 snort snort 0 Apr 22 17:54 snort.u2.136662******

There is a single rules file called snort.rules in the /usr/local/snort/rules folder which has all the downloaded Snort rules, and it is included in the snort.conf file.

I have even run Snort in test mode using -T; it does not show any problem. It is working fine but not generating any logs.

I formatted the server and re-installed everything manually this time. Still the same problem: the file is getting created but there are no logs.

Please advise.

Ashraf
Security System Engineer
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort 2.9.4.5 rules using pp Ashraf Ali (Apr 22)
- <Possible follow-ups>
- Re: Snort 2.9.4.5 rules using pp Y M (Apr 22)
- Re: Snort 2.9.4.5 rules using pp Ashraf Ali (Apr 22)
- Re: Snort 2.9.4.5 rules using pp James Lay (Apr 23)
- Message not available
- Message not available
- Fwd: Snort 2.9.4.5 rules using pp Ashraf Ali (Apr 23)
- Fwd: Snort 2.9.4.5 rules using pp Ashraf Ali (Apr 23)
- Re: Fwd: Snort 2.9.4.5 rules using pp waldo kitty (Apr 24)
- Re: Fwd: Snort 2.9.4.5 rules using pp Ashraf Ali (Apr 24)
- Re: Snort 2.9.4.5 rules using pp James Lay (Apr 24)
- Re: Snort 2.9.4.5 rules using pp Ashraf Ali (Apr 24)
- Re: Snort 2.9.4.5 rules using pp James Lay (Apr 24)
- Re: Snort 2.9.4.5 rules using pp Ashraf Ali (Apr 22)