Snort mailing list archives
Re: Snort Logging IP's but isn't Creating the Alert File
From: H3XX <h3xx () mail com>
Date: Wed, 12 Apr 2006 22:27:01 -0500
Without knowing your setup I can't say for sure, but my first thought would be rights to the directory you are trying to write to. ----- Original Message ----- From: "Palula Brasil" To: snort-users () lists sourceforge net Subject: [Snort-users] Snort Logging IP's but isn't Creating the Alert File Date: Wed, 12 Apr 2006 22:06:01 -0300 Hey everybody! I've been using Snort as a single box IDS (HIDS). I found a new box and am preparing it to be a NIDS. Anyway... Here is the line which I've been working with:/usr/sbin/snort -D -A full -N -i eth0 -p -l /folder/subfolder/ -h x.x.x.x/x -D to work as Daemon-A full to generate full alerts-N for it not o log folders with machine IP's (I just want the alerts)-i eth0 to watch on my eth0 interface-p for the interface to act non promiscuous-l to log to this folder-h to designate a home network But this generates no alerts. I personally went to a security testing site and issued a portscan on my machine, beside doing a portscan from work and nothing has been alerted. What am I doing wrong? Thanks a lot! -- ___________________________________________________ Play 100s of games for FREE! http://games.mail.com/
Current thread:
- Snort Logging IP's but isn't Creating the Alert File Palula Brasil (Apr 12)
- <Possible follow-ups>
- Re: Snort Logging IP's but isn't Creating the Alert File H3XX (Apr 12)