Snort mailing list archives
RE: got a little problem with acid and snort logging
From: "Michael Steele" <michaels () winsnort com>
Date: Sat, 22 Nov 2003 22:27:34 -0800
Which directions did you follow? Try running the complete run line with a -T at the end. Cheers... -Michael Steele -- System Engineer / Security Support Technician mailto:michaels () winsnort com Website: http://www.winsnort.com Snort: Open Source Network IDS - http://www.snort.org
-----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users- admin () lists sourceforge net] On Behalf Of qodqod Sent: Saturday, November 22, 2003 9:54 PM To: snort-users () lists sourceforge net Subject: [Snort-users] got a little problem with acid and snort logging hi guys, i just installed snort following the newest version of snort, acid, and redhat 9 it is dated 11/9/03, i ran thru it with no porblems but i do cannt get acid to have the output right Sensors: 0 Unique Alerts: 0 ( 0 categories ) Total Number of Alerts: 0 * Source IP addresses: 0 * Dest. IP addresses: 0 * Unique IP links 0 * Source Ports: 0 o TCP ( 0) UDP ( 0) * Dest. Ports: 0 o TCP ( 0) UDP ( 0) notice that the sensors is 0 but i am running snort, with these options snort -devbc /etc/snort/snort.conf i also have all the rules installed in the proper place, but one look at the log reveals that there are no logs in the /var/log/snort/ i only see -rw------- 1 root snort 0 Nov 22 21:41 alert -rw------- 1 root root 0 Nov 22 21:41 portscan.log yet snort has been running for almost 3 hours. i am running ADSL and my config file for snort is setup like this var HOME_NET 68.75.100.43/32 var EXTERNAL_NET !$HOME_NET i also searched google with no luck thank you ________________________________ 15 Mbytes Free Web-based and POP3 Sign up now: http://www.gawab.com ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- got a little problem with acid and snort logging qodqod (Nov 22)
- RE: got a little problem with acid and snort logging Michael Steele (Nov 22)