Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Snort configuration

From: "Al Lewis (allewi)" <allewi () cisco com>
Date: Sat, 11 Jun 2016 11:53:01 +0000
That is because you are running snort in sniffer mode and not IDS mode.

Checkout the overview section of the manual.

http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node6.html


http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node2.html




Albert Lewis
QA SNORT/Sourcefire
SOURCEfire, Inc. now part of Cisco
9780 Patuxent Woods Drive
Columbia, MD 21046
Phone: (office) 443.430.7112
Email: allewi () cisco com

From: Velusami, Selvi [mailto:selvi.velusami () verizon com]
Sent: Friday, June 10, 2016 5:00 PM
To: snort-users () lists sourceforge net
Cc: Selvi Velusami
Subject: [Snort-users] Snort configuration

Hi,

I am very new to snort and I need to configure the same to our VM environment.

Please find below my environment details


1.       Snort is installed on a centos OS with two networks in VM environment

2.       Downloaded the snort.rules from snort.org

3.       I have modified the below parameters in the snort.conf file and set the path to /etc/snort/rules

a.       RULE_PATH

b.      SO_RULE_PATH

c.       PREPROC_RULE_PATH

d.      WHITE_LIST_PATH

e.      BLACK_LIST_PATH

4.       After these things when I issue the command snort -v , I am getting the below messages.
"No Preprocessors configured for policy 0"

I am sure that I am missing a big stuff here. Any pointers or configuration help to configure the same will be much 
appreciated.


Thanks,
Selvi.V





------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: