Re: Some Guidance

["Al Lewis \(allewi\) via Snort-devel" <snort-devel () lists snort org>]

You probably want to run in NIDS mode.

http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node6.html



From: Snort-devel <snort-devel-bounces () lists snort org> on behalf of Vivian Gloria via Snort-devel <snort-devel () 
lists snort org>
Reply-To: Vivian Gloria <vvngloria () gmail com>
Date: Monday, May 20, 2019 at 8:28 AM
To: "snort-devel () lists snort org" <snort-devel () lists snort org>
Subject: [Snort-devel] Some Guidance

Hello Snort experts,
I am a student doing a mini project on how to secure IOT devices using snort. I have two IOT devices connected to a 
router, a Windows laptop where I installed snort and a virtual machine with Kali Linux for injecting DOS attacks, I 
have commented out some rules in the snort.conf file, and i have some test rules in the local rules file. When I start 
snort as a packet logger I get some logs but not related to DOS attack I have injected. But when I start snort as a 
NIDS I don't get any feedback, it stops on "commencing packet processing".
Am therefore requesting for some guidance.  Thanks.

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!