Re: Snort Configuration

[waldo kitty <wkitty42 () windstream net>]

On 3/19/2014 12:02 AM, Nanda Vardhan wrote:
> Hello
>
> I am a new user of snort. I installed it on ubuntu and running it for packet
> capturing on wlan0 interface. My problem is that am unable to packet information
> of other devices on the network. I was just getting information of ip address
> that is assigned to the device on which snort was running.
>
>
> I tried configuring HOME_NET variable but of no use. please kindly help me.

1. what version of snort?
2. what user:group are you running snort as?
3. is your NIC properly being set to promiscuous mode?
4. how it your device connected? wire or cable?
4a. if wire, to a router/switch or hub?
4a1. if router/switch, is the port mirroring all traffic on all ports?

that should work for now but you should read the FAQ on how to ask a good 
question and provide the necessary data for a good and reasonable response...

PS: note my sig below. do not respond to me in private as so many others do ;)
-- 
NOTE: No off-list assistance is given without prior approval.
       Please keep mailing list traffic on the list unless
       private contact is specifically requested and granted.

------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/13534_NeoTech
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!