Snort mailing list archives
Snort Sensors do not appear to be detecting what they should
From: "Jacobi, Michael W CIV NSWCCD Philadelphia, 10432" <michael.jacobi1 () navy mil>
Date: Wed, 11 Mar 2015 18:42:41 +0000
I have been recently asked to start working with the Snort installation at my site (Snort 2.9.6.2, Barnyard, BASE). Based on what alerts I am seeing, I feel that the system is not detecting what is should be finding. For example the sensor that is facing my ISP has less than 20 detects in the last few days, and I am seeing events on sensors that I know should be passing by other sensors but I do not see an correlation in the detects between the sensors. I have had prior IDS experience, but I just started attempting to work with Snort. I would appreciate what help you can give me to work to making this system more functional. Pointers to FAQs and other online resources are always helpful. Thanks! Mike Jacobi ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort Sensors do not appear to be detecting what they should Jacobi, Michael W CIV NSWCCD Philadelphia, 10432 (Mar 11)