Snort mailing list archives

Some Events are not logging to the snort logs.

From: "Josh Lutz" <jlutz () ESIENT com>
Date: Tue, 8 Jan 2002 15:21:53 -0500

I check /var/log/authlog and I see attempts by the Code Red II worm
testing my perimeter (coming in, not going out.) However, when I look at
the snort logs, I do not see any record of the attempt. As I understand
it, my snort log should capture these attempts and send an alert. As a
new user to Snort, I am uncertain at best, but to aid any one assisting
me, I am starting snort via the following cmd line:
 
[path to snort]/snort -i xl1 -d -c [path to snort.conf] -l
/home/snort/ext_log -s -b -D
 
Any help would be greatly appreciated.
Thanks,
Josh
 
---------------------------------------------
Joshua Lutz
Network Engineer, ESI Enterprises, Inc.
1188 Centre Street
Newton Centre MA 02459
p. 617.527.4343 x107
f. 617.527.3303
e. jlutz () esient com
 

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Some Events are not logging to the snort logs. Josh Lutz (Jan 08)
- <Possible follow-ups>
- RE: Some Events are not logging to the snort logs. Josh Lutz (Jan 08)
  - Re: Some Events are not logging to the snort logs. Martin Roesch (Jan 08)