Snort mailing list archives

Newbie Snort Questions


From: "Naman Latif" <naman.latif () inamed com>
Date: Tue, 2 Dec 2003 11:25:36 -0800

Hi,
We are setting up Snort to be used as a NIDS and I was wondering what is
the best way to start Snort from the command line, i.e. which switches to
use?

1. We will be using Barnyard for processing the unified log files.

2. If we are using Cisco NetFlow for traffic stats and we also generate
traffic logs from PIX log files, is there any reason that we should use
Snort logging? Or will only alert logging be enough? Will we be
missing some important information this way?

3. Does Snort logging mean to "log all packets", or will it only log the
traffic that matches some rules (with action set as 'log')?

4. Is this a correct way to start Snort in NIDS mode?

        snort -dev -c snort.conf -D

Regards,
Naman

