Seeking promiscuity, finding only fidelity: frustration reigns ...

[Eric Fowler <eric.fowler () gmail com>]

Story of my life ...

I have a USB netcard that is in promiscuous mode - ifconfig says it is
promiscuous,and I can use Wireshark to inspect packets that are sent
between third party (i.e. not the machine wireshark /snort i s running on).
I am able to flood the network with UDP traffic of known profile. Wireshark
sees it. Snort does not.

I have written a simple rule to catch all UDP traffic. It does see some
packets but all are local.

What is going wrong?

Help a lonely nerd find satisfaction, if only for tonight ....

Eric

------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!