Re: I can not see it

[<Greta.Ji () sungard com>]

Thanks for every one. It works. 

You guys are real wonderful peoples. I am so happy to join 
this mailing group.

--Greta 

-----Original Message-----
From: snort-users-bounces () lists sourceforge net
[mailto:snort-users-bounces () lists sourceforge net] On Behalf Of Eric
Hines
Sent: Thursday, October 05, 2006 1:55 PM
To: Ji, Greta
Cc: Snort-users () lists sourceforge net
Subject: Re: [Snort-users] I can not see it

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Greta,

You mentioned a switch, I sure hope you are connected to a span port on
the switch or a Tap. Otherwise, you're not going to see anything except
broadcast traffic.

Best Regards,

Eric S. Hines, GCIA, CISSP
CEO, President, Chairman
Applied Watch Technologies, LLC


- --------------------------------------------------

Eric S. Hines, GCIA, CISSP
CEO, President, Chairman
Applied Watch Technologies, LLC

- --------------------------------------------------

Email:   eric.hines () appliedwatch com
Address: 1095 Pingree Road
         Suite 221
         Crystal Lake, IL
         60014
Tel:     (877) 262-7593 ext:327
Local:   (847) 854-5831
Fax:     (847) 854-5106
Web:     http://www.appliedwatch.com

- --------------------------------------------------
Security Management for the Open Source Enterprise





Greta.Ji () sungard com wrote:
> Hi,
>  
> I am a new user on this list. I have a simple problem, and hope to get

> a help. I just installed Snort 2.6 on Centos. I follow the document to

> bring
> eth1 up (eth0 has IP to connect to the Internal network).  But I can 
> not see any traffic on eth1 (tcpdump -i eth1). I checked the switch, I

> can see traffice on the interface (# sh interface f0/8):
>  
>     monitor session 1 source interface Fa0/2
>     monitor session 1 destination interface Fa0/8
>      270471 packets output, 65224246 bytes, 0 underruns
>  
> Did I missing anything at here? Could some one help me?
>  
> Thank you,
>  
> --Greta
>
>
> ----------------------------------------------------------------------
> --
>
> ----------------------------------------------------------------------
> --- Take Surveys. Earn Cash. Influence the Future of IT Join 
> SourceForge.net's Techsay panel and you'll get the chance to share 
> your opinions on IT & business topics through brief surveys -- and 
> earn cash 
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEV
> DEV
>
>
> ----------------------------------------------------------------------
> --
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFJUbf1va6QYTV0EMRAtboAJ99CBdy18UaTdAjl/zqfBrUavQfkwCfY5t7
qIWPA5sGx0Gx59weLaK09L0=
=TWSq
-----END PGP SIGNATURE-----

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users