Snort mailing list archives
Help Configuring Snort
From: Michael Iaconianni <michael.iaconianni () iaspecialists com>
Date: Tue, 12 Jul 2016 17:25:44 +0000
Hello,

I've been trying to configure snort as a NIDS. I have it running as an IDS and I am successfully able to get it to run. I am using a standard configuration file. For rules I am using the latest community rules. However, I am having some issues getting it to work. I am running snort using the following command:

snort -c /etc/snort/snort.conf -l log/ -h 192.168.1.1 -s

Snort will run and get the rules. It will also pass the test when it is run with -T. Snort then says decoding raw IP4 and it does not capture any packets. When I stop running with Ctrl-C it displays 0 packets for Packet I/O total.

I have attached the configuration file, the rules file, and the text that comes up when I run snort. I am new to snort and any help would be greatly appreciated.

Thank you,
Mike
Attachments:
- snortoutput
- snort.conf.bak
- community.rules