Re: FW: snort 2.9.4.6 not logging

[waldo kitty <wkitty42 () windstream net>]

On 7/23/2013 12:29, Maged Shenouda wrote:
> Thanks for the feedback, so all those rules files that are included in the
> /snort/rules and those that are included in the snort.conf are not alerting any
> suspecious traffic? wow my system must be very secure and not attracting any one?

secure is one thing... attracting attention is another ;)

what servers do you run on your protected network behind snort? if there's no 
servers available to the public, there's nothing for anyone to mount a frontal 
attack on... of course, snort must be able to see the traffic, too... if it is 
in encrypted tunnels, snort may not see it...

if you have no infestations internally, then there's no outbound alerts to be 
raised letting you know about the infestations... of course, snort must be able 
to see the traffic, too... if it is in encrypted tunnels, snort may not see it...


-- 
NOTE: No off-list assistance is given without prior approval.
       Please keep mailing list traffic on the list unless
       private contact is specifically requested and granted.

------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!