Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: First time snorting ... ERROR: The dynamic detection library ...

From: waldo kitty <wkitty42 () windstream net>
Date: Tue, 19 Nov 2013 15:30:37 -0500
On 11/19/2013 2:30 PM, Alan McKay wrote:

Just a quick update - I have not had a chance until now to look at
this - and the local test rules given are not triggering alerts but
I'm not asking for further help just yet  - I'm going to dig into this
a bit myself to see where I get.   I'm just bumping the thread with a
quick update.


ok...


I think first things first I'm going to get this daemonized and then
figure out why those local rules are not being read because best I can
tell that is my problem with those rules at this point.


FWIW: those rules will trigger on pretty much any traffic that snort sees... if 
they are not triggering at all, then your traffic may be packaged in some packet 
type...

are you using VLans?


On Fri, Nov 15, 2013 at 12:15 PM, waldo kitty <wkitty42 () windstream net> wrote:

. if it was, then things are
working properly... if it was not, then we have to look deeper...

----- snip -----
#
# The rules in this file are only to test a snort installation to see if it is
# seeing any traffic at all. These rules should NOT be used all the time. Once
# tested and working, this rule file should be commented out in your snort.conf
# so that it is not used.
#
#------------------
# LOCAL TEST RULES
#------------------



-- 
NOTE: No off-list assistance is given without prior approval.
       Please keep mailing list traffic on the list unless
       private contact is specifically requested and granted.

------------------------------------------------------------------------------
Shape the Mobile Experience: Free Subscription
Software experts and developers: Be at the forefront of tech innovation.
Intel(R) Software Adrenaline delivers strategic insight and game-changing 
conversations that shape the rapidly evolving mobile landscape. Sign up now. 
http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: