Snort mailing list archives
Openbsd 3.3 snort no log output
From: Duncan Matthew Stirling <duncan () mbase com>
Date: Tue, 27 May 2003 15:57:32 -0600
I have just built a new IDS box on OpenBSD, and successfully built snort http://www.snort.org/dl/snort-2.0.0.tar.gz.
Everything seemed to go fine, but snort won't generate logging to directory I designate.
I'm launching snort via the cmd: "snort -de -l /ids -c /etc/snort/snort.conf"
I can get tcpdump -nxi fxp1 to logged data..15:55:53.543328 63.250.205.26.80 > my.net.com.64745: . 322482:323942(1460) ack 1 win 64240 (DF)
4500 05dc 213a 4000 7306 8b08 3ffa cd1a
8b8e bd36 0050 fce9 a058 fcd9 da46 f490
5010 faf0 6759 0000 2444 db08 0901 0000
0000 db08 8200 0048 5dd3 0800 8a80 0100
7401 010b 0000 0000 08b6 0800 0046 8d01
009a
15:55:53.544038 63.250.205.26.80 > my.net.com.64745: P
323942:324753(811) ack 1 win 64240 (DF)
4500 0353 213b 4000 7306 8d90 3ffa cd1a
8b8e bd36 0050 fce9 a059 028d da46 f490
5018 faf0 63d8 0000 ef82 a05b 9073 3ace
d692 1639 b5fb e4b1 89f2 7e8c dbec 6a03
e560 424a 1450 ed09 419c ade5 5d88 efa1
dbc9
How can I resolve this, what should I be looking for?
-------------------------------------------------------
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Openbsd 3.3 snort no log output Duncan Matthew Stirling (May 28)
- Re: Openbsd 3.3 snort no log output Erek Adams (May 28)