Snort mailing list archives
RE: anyone have any trouble getting guardian to work
From: "Jyri Hovila" <jyri.hovila () iki fi>
Date: Mon, 6 Aug 2001 03:03:15 +0300
Howdy! It can be a bit tricky to get Guardian work as the documentation is not too good. First of all, make sure that the logfile Guardian is reading is written in Snort's 'fast' format. Guardian can only read the 'fast' logfile; it does not cope with full or tcpdump format log files. If this is not the problem in your case, then please send me your Guardian and Snort configuration files (guardian.conf and snort.conf, don't need the *.rules files) and I'll try to figure out what's wrong. Yours, Jyri Information Security Specialist Tel: +358-41-448 3238 E-mail: jyri.hovila () iki fi Certifications: http://www.brainbench.com/transcript.jsp?pid=2301241 -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Advanced Hosting UNIX Admin Daniel Fairchild Sent: 6. elokuuta 2001 1:53 To: snort-users () lists sourceforge net Subject: [Snort-users] anyone have any trouble getting guardian to work I am trying to use guardian to add entries to my iptables and I am getting nothing I put guardian in debug mode and it reads from the alert file but does nothing. TIA for anyones help with this one. -- Advanced Hosting UNIX Admin | Daniel Fairchild danielf () supportteam net Unix is like a wigwam -- no Gates, no Windows, and an Apache inside. _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- anyone have any trouble getting guardian to work Advanced Hosting UNIX Admin Daniel Fairchild (Aug 05)
- RE: anyone have any trouble getting guardian to work Jyri Hovila (Aug 05)