Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Snort + DARPA

From: waldo kitty <wkitty42 () windstream net>
Date: Mon, 06 Oct 2014 14:22:37 -0400
On 10/6/2014 1:48 PM, Tho Le Phuoc wrote:

Hi,

I am spending a lot of time installing and running Snort with DARPA data set (
TCPdump) to get alert from Snort, however I always get no alert, no logging. Can
you give me some hints for what I am doing wrong? I am installing Snort 2.9.6.2
on CentOS7 with latest rule on Snort.org. Anyone can advise what else should i do?


have you checked the FAQ? if not, you really should take a look at it...

you might also try starting your snort with "-k none" (without the quotes)...

https://github.com/vrtadmin/snort-faq/blob/master/README.md

-- 
  NOTE: No off-list assistance is given without prior approval.
        Please *keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.

------------------------------------------------------------------------------
Slashdot TV.  Videos for Nerds.  Stuff that Matters.
http://pubads.g.doubleclick.net/gampad/clk?id=160591471&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: