Snort mailing list archives

FW: Help!!!

From: <support () nps-dc org>
Date: Fri, 1 Aug 2003 23:07:44 -0400

don't know if anyone has gotten to you yet- are you on a switched network?
is your eth card in promiscuous mode?  (libpcap ??)

Fernando

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Brandon Hanks
Sent: Friday, August 01, 2003 3:32 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Help!!!

I used Patrick S. Harper's install guide,
<http://www.snort.org/docs/snort_acid_rh9.pdf> Snort, Apache, PHP, MySQL,
ACID on Redhat 9.0 Installation Guide , without any problems.  Here is my
problem: When I perform a Nessus audit on a machine on my local network,
Snort does not log any intrusion detection activity.  But, when I direct the
Nessus audit directly at the box running Snort, the log files are generated
and can be viewed using Acid.  In my snort.conf file, I defined my local
network as 192.168.0.0/24, which covers a small windows environment.  BTW,
using Snort 2.0.  The Snort box is located on my local network at
192.168.0.198.  Why does it not register,log, or recognize attacks directed
at machines within its local network?  Any help will be greatly
appreciated...Thanks

Current thread:

Help!!! Brandon Hanks (Aug 01)
- Re: Help!!! Patrick S. Harper - CISSP (Aug 01)
- RE: Help!!! Tom H (Aug 01)
- <Possible follow-ups>
- RE: Help!!! Schmehl, Paul L (Aug 01)
- FW: Help!!! support (Aug 01)
- FW: Help!!! support (Aug 02)
- Help!!! henrique de lima arabe - PDBL/uoi (Aug 25)
  - Re: Help!!! Matt Kettler (Aug 25)
  - Re: Help!!! Erek Adams (Aug 25)
  - Re: Help!!! Edin Dizdarevic (Aug 26)
- RE: Help!!! David (Aug 25)