Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: snort running as daemon while sysloging

From: "Harper, Patrick" <patrick.harper () phns com>
Date: Fri, 23 Jul 2004 17:55:24 -0500
Make the changes in your snort.conf file and use the S99snort file that
comes with the RPM and or source to start it.  Make sure you edit the
S99snort (you will have to change the path to the snort binary and the
snort.conf file) and give it +x.  This is the way I have done it before?


Patrick S. Harper | CISSP RHCT MCSE
Information Security Engineer
patrick.harper () phns com 


-----Original Message-----
From: nanocurie [mailto:nanocurie () comcast net] 
Sent: Friday, July 23, 2004 4:43 PM
To: snort-users
Subject: [Snort-users] snort running as daemon while sysloging

Hello all,
        I want snort to start at boot as a daemon on Fedora Core 2
(redhat). I want it to log its alerts in /var/log/snort/ (which already
exists) in syslog format. I've pieced this together from what I've found
on the net...

/usr/local/bin/snort -l /var/log/snort -D -h xxx.xxx.xxx.xxx/xxx -c
/usr/local/snort/etc/snort.conf

I look in /var/log/snort/ and nothings happening. 
Although, I've found somethings in /var/log/messages, regarding snort's
initialization but not much else.

This snort.conf file is stock, and for the most part, unchanged from the
initial install.
I've google'd and I've read through the man's.

Am I going in the right direction? Any suggestions?

thanks




-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java
Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users





Disclaimer:
This electronic message, including any attachments, is confidential and intended solely for use of the intended 
recipient(s). This message may contain information that is privileged or otherwise protected from disclosure by 
applicable law. Any unauthorized disclosure, dissemination, use or reproduction is strictly prohibited. If you have 
received this message in error, please delete it and notify the sender immediately. 





-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_idG21&alloc_id040&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: