Snort mailing list archives
Re: Way to generate alerts?
From: Matthew Van Gent <matthew () crosspetroleum com>
Date: Thu, 10 Jan 2013 14:46:55 -0800
administrator@cp-pci-1301:~$ curl testmyids.com uid=0(root) gid=0(root) groups=0(root) administrator@cp-pci-1301:~$ I do not see any alerts in snortreport. From: Heine Lysemose [mailto:lysemose () gmail com] Sent: Thursday, January 10, 2013 2:22 PM To: Matthew Van Gent Cc: snort-users () lists sourceforge net Subject: Re: [Snort-users] Way to generate alerts? Hi Have you tried; curl testmyids.com<http://testmyids.com>? /Lysemose On Jan 10, 2013 11:12 PM, "Matthew Van Gent" <matthew () crosspetroleum com<mailto:matthew () crosspetroleum com>> wrote: Hello, I apologize if this is the wrong spot to send this email, I am new to snort. I have used autosnort(https://github.com/da667/Autosnort ) on my Dell Poweredge T310 server running Ubuntu 12.04.1 LTS. I have configured port mirroring on my external connection and confirmed with wireshark that it is working, however, I am not receiving any generated alerts from snort. Is there a way to generate alerts guaranteed? I have nmap on an external machine, and when I run a nmap "attack" against this IP I do not receive any alerts via Snort Report. I am trying to narrow down if snort is misconfigured, barnyard2 is not functioning, or something else entirely. Any information on this is welcome. Thanks, Matthew Van Gent IT Assistant Cross Petroleum 6920 Lockheed Drive Redding, CA 96002 ------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET<http://ASP.NET>, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnmore_122712 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnmore_122712
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Way to generate alerts? Matthew Van Gent (Jan 10)
- Re: Way to generate alerts? Heine Lysemose (Jan 10)
- Re: Way to generate alerts? Matthew Van Gent (Jan 10)
- Re: Way to generate alerts? Giles Coochey (Jan 17)
- Re: Way to generate alerts? Joel Esler (Jan 17)
- Re: Way to generate alerts? Matthew Van Gent (Jan 10)
- Re: Way to generate alerts? Heine Lysemose (Jan 10)