Snort mailing list archives

Re: Signature Problem


From: Kai Chan via Snort-users <snort-users () lists snort org>
Date: Sat, 9 Sep 2017 13:32:12 -0400

Thanks to everyone for their help. I had to disable checksums for Snort to
fire alerts.

Thanks,
Kai

On Sep 8, 2017 8:09 PM, <wkitty42 () windstream net> wrote:

On 09/08/2017 06:44 PM, Kai Chan via Snort-users wrote:

As I said before, I get ICMP alerts, but if I try to browse a webpage or
do a DNS query, it still won't alert.  Tcpdump seems to work fine on the
container, so I don't understand why Snort wouldn't.  Did I forget to do
something?


try adding "-k none" to your command line to turn off packet checksums...

please keep your response(s) on the list...

--
 NOTE: No off-list assistance is given without prior approval.
       *Please keep mailing list traffic on the list unless*
       *a signed and pre-paid contract is in effect with us.*
_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort news!
