Snort mailing list archives

Re: Still trying to build this box


From: Jim Turner <JTurner () hilltopconsultants com>
Date: Tue, 12 Mar 2013 10:40:53 -0400

Is there a way to test? I want to be sure the box is recording alerts.

I watched this video on YouTube and he was able to generate logs by pinging Google and Myspace.

From: James Lay [mailto:jlay () slave-tothe-box net]
Sent: Tuesday, March 12, 2013 10:31 AM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Still trying to build this box

On 2013-03-12 08:03, Jim Turner wrote:
I have made progress since last night. Snort is now starting and not
erroring on the rules. I accomplished this by uninstalling and
starting all over again. Now I am just unable to log any of the data.

I have attached my snort.conf. I have pasted the results of this
command line:

snort -A console -i1 -c c:\snort\etc\snort.conf -l c:\snort\log -K ascii

I feel like I am almost there. Please assist.


You don't seem to have any alerts, so you won't see anything until you
do:

Alerts: 0 ( 0.000%)
Logged: 0 ( 0.000%)

James

------------------------------------------------------------------------------
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the
endpoint security space. For insight on selecting the right partner to
tackle endpoint security challenges, access the full report.
http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
