Re: Alert file

[waldo kitty <wkitty42 () windstream net>]

On 3/20/2013 01:57, Mohammad MontazerI wrote:
> Hello dear all.
> i enabled Network Intrusion Detection System (NIDS) mode and i recorded my
> network packets.
> this command: ./snort -d -l ./log -c snort.conf
> now in log directory there are two files:
> on of them log all packets and another one name is alert.
> i think this file should contain warning, attacks and ... against my network.
> but after about 7 hours the file still empty!!!
> this is good. but i want test snort. so how can write data in alert file?
> what i can do?

you have to cause an alert for the alert file to have anything written in it...

pick a rule and create traffic that will cause it to fire...



------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_mar
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!