Snort mailing list archives
Re: Snort not generating alerts
From: bobby via Snort-users <snort-users () lists snort org>
Date: Sat, 19 Oct 2019 11:11:13 -0400
I do not get those alerts on my console screen. On Thu, Oct 17, 2019 at 7:57 PM wkitty42--- via Snort-users < snort-users () lists snort org> wrote:
i'm putting this back on the list where it belongs instead of in private... my responses are in line below... On 10/17/19 7:42 PM, bobby wrote:How do I know if it works? It says it received 31119 packets.are you getting those alerts you were looking for if you add it? that's how you know ;)Also, not sure if I can do this with an inline interface.shouldn't matter...On Sat, Oct 12, 2019 at 9:32 PM wkitty42--- via Snort-users wrote: On 10/12/19 7:22 PM, bobby via Snort-users wrote: > I am running Snort on a Ubuntu 16 server. I made sure myinterface is in> promiscuous mode. I've also tested the configuration file, andit returned> fine. I tested with local.rules, for ICMP alerts, which worksfile. Butwhen > Snort is running, no alerts are generated otherwise. I wentthrough myrules, > and I have over 80,000 rules active. I am not sure if thismatters, butthey > are set to 'drop'. > Please advise. Thank you. have you tried adding "-k none" to your snort command line? you might also want to disable all offloading of tasks to your NICor othercards so that snort can perform those offloaded tasks itself...-- NOTE: No off-list assistance is given without prior approval. *Please keep mailing list traffic on the list unless* *a signed and pre-paid contract is in effect with us.* _______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users To unsubscribe, send an email to: snort-users-leave () lists snort org Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
_______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users To unsubscribe, send an email to: snort-users-leave () lists snort org Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Current thread:
- Snort not generating alerts bobby via Snort-users (Oct 12)
- Re: Snort not generating alerts wkitty42--- via Snort-users (Oct 12)
- Message not available
- Re: Snort not generating alerts wkitty42--- via Snort-users (Oct 17)
- Re: Snort not generating alerts bobby via Snort-users (Oct 19)
- Re: Snort not generating alerts Dorian ROSSE via Snort-users (Oct 22)
- Message not available
- Re: Snort not generating alerts wkitty42--- via Snort-users (Oct 12)