Re: getting sensitive-data cc# alert to fire

[rmkml <rmkml () yahoo fr>]

Sorry for disturb,

2> is stderr, no pb with snort alerts (use 1> / stdout).
(2> used by snort starting version...)

Regards
@Rmkml


On Mon, 3 Feb 2014, waldo kitty wrote:

> On 2/3/2014 8:37 AM, jason wrote:
> > Thanks for replying James
> >
> > > > Try adding -k none to your command line.
> >
> > I was using –knone so I changed that but still no hits…
> >
> > /usr/local/bin/snort -c /etc/snort/snort.conf -Acmg -k none -r
> > /tmp/snort_pcap_dump.cap 2> /dev/null
> >
> > /usr/local/bin/snort -c ./snort-2.9.5.3/etc/snort.conf -Acmg -k none -r
> > /tmp/snort_pcap_dump.cap 2> /dev/null
> >
> > This seems to work for everyone right out of the box so I am really at a loss
> > why I can’t get it alerting…
> >
> > I’m using 2.9.5.3 but will try a fresh install of 2.9.6 and try again.
>
> as joel asked, why are you redirecting to /dev/null?? how can you get error 
> messages, if there are any, from there? ;)
------------------------------------------------------------------------------
Managing the Performance of Cloud-Based Applications
Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
Read the Whitepaper.
http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!