Snort mailing list archives

Re: Network Interface Issue in Ubuntu 16.04


From: James Lay <jlay () slave-tothe-box net>
Date: Fri, 17 Feb 2017 05:00:20 -0700

Ok cool...looks like you should be ready to test snort as IDS

sudo snort -T -c <wherever your snort.conf file is> -i <your interface>

James


On 2017-02-17 04:18, tantioification . wrote:
Snort runs very well, James.
This is the output after I stop snort.

WARNING: No preprocessors configured for policy 0.
WARNING: No preprocessors configured for policy 0.
02/17-17:54:08.840646 180.214.255.80:137 -> 180.214.255.255:137
UDP TTL:128 TOS:0x0 ID:18306 IpLen:20 DgmLen:78
Len: 50
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

^C*** Caught Int-Signal
WARNING: No preprocessors configured for policy 0.
02/17-17:54:08.913368 180.214.255.75:22 -> 120.188.82.45:42983
TCP TTL:64 TOS:0x10 ID:13061 IpLen:20 DgmLen:584 DF
***AP*** Seq: 0xBA6EB345  Ack: 0xEC79DF7E  Win: 0x104  TcpLen: 20
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

===============================================================================
Run time for packet processing was 372.11609 seconds
Snort processed 11617 packets.
Snort ran for 0 days 0 hours 6 minutes 12 seconds
   Pkts/min:         1936
   Pkts/sec:           31
===============================================================================
Memory usage summary:
  Total non-mmapped bytes (arena):       782336
  Bytes in mapped regions (hblkhd):      21590016
  Total allocated space (uordblks):      670336
  Total free space (fordblks):           112000
  Topmost releasable block (keepcost):   105952
===============================================================================
Packet I/O Totals:
   Received:        11635
   Analyzed:        11618 ( 99.854%)
    Dropped:            0 (  0.000%)
   Filtered:            0 (  0.000%)
Outstanding:           17 (  0.146%)
   Injected:            0
===============================================================================
Breakdown by protocol (includes rebuilt packets):
        Eth:        11617 (100.000%)
       VLAN:            0 (  0.000%)
        IP4:        10850 ( 93.398%)
       Frag:            0 (  0.000%)
       ICMP:            2 (  0.017%)
        UDP:          260 (  2.238%)
        TCP:        10564 ( 90.936%)
        IP6:          306 (  2.634%)
    IP6 Ext:          525 (  4.519%)
   IP6 Opts:          219 (  1.885%)
      Frag6:            0 (  0.000%)
      ICMP6:          225 (  1.937%)
       UDP6:           81 (  0.697%)
       TCP6:            0 (  0.000%)
     Teredo:            0 (  0.000%)
    ICMP-IP:            0 (  0.000%)
    IP4/IP4:            0 (  0.000%)
    IP4/IP6:            0 (  0.000%)
    IP6/IP4:            0 (  0.000%)
    IP6/IP6:            0 (  0.000%)
        GRE:            0 (  0.000%)
    GRE Eth:            0 (  0.000%)
   GRE VLAN:            0 (  0.000%)
    GRE IP4:            0 (  0.000%)
    GRE IP6:            0 (  0.000%)
GRE IP6 Ext:            0 (  0.000%)
   GRE PPTP:            0 (  0.000%)
    GRE ARP:            0 (  0.000%)
    GRE IPX:            0 (  0.000%)
   GRE Loop:            0 (  0.000%)
       MPLS:            0 (  0.000%)
        ARP:          223 (  1.920%)
        IPX:            0 (  0.000%)
   Eth Loop:            0 (  0.000%)
   Eth Disc:            0 (  0.000%)
   IP4 Disc:            0 (  0.000%)
   IP6 Disc:            0 (  0.000%)
   TCP Disc:            0 (  0.000%)
   UDP Disc:            0 (  0.000%)
  ICMP Disc:            0 (  0.000%)
All Discard:            0 (  0.000%)
      Other:          262 (  2.255%)
Bad Chk Sum:            0 (  0.000%)
    Bad TTL:            0 (  0.000%)
     S5 G 1:            0 (  0.000%)
     S5 G 2:            0 (  0.000%)
      Total:        11617
===============================================================================
Snort exiting

Thank you

