Snort mailing list archives
Re: snort running as daemon while sysloging
From: sekure <sekure () gmail com>
Date: Sat, 24 Jul 2004 18:12:31 -0400
Is your HOME_NET defined correctly? Are you listening on the correct interface? Are you spanning the ports to see all the traffic? Is there any traffic out there that would actually trigger the rules? As you can see there are a lot of variables.... On Fri, 23 Jul 2004 17:43:26 -0400, nanocurie <nanocurie () comcast net> wrote:
Hello all, I want snort to start at boot as a daemon on Fedora Core 2 (redhat). I want it to log its alerts in /var/log/snort/ (which already exists) in syslog format. I've pieced this together from what I've found on the net... /usr/local/bin/snort -l /var/log/snort -D -h xxx.xxx.xxx.xxx/xxx -c /usr/local/snort/etc/snort.conf I look in /var/log/snort/ and nothings happening. Although, I've found somethings in /var/log/messages, regarding snort's initialization but not much else. This snort.conf file is stock, and for the most part, unchanged from the initial install. I've google'd and I've read through the man's. Am I going in the right direction? Any suggestions? thanks ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort running as daemon while sysloging nanocurie (Jul 23)
- Re: snort running as daemon while sysloging sekure (Jul 24)
- Help for dropping packet bonnie buwono (Jul 24)
- <Possible follow-ups>
- RE: snort running as daemon while sysloging Harper, Patrick (Jul 23)
- Re: snort running as daemon while sysloging sekure (Jul 24)