Snort mailing list archives
Re: snort cannot monitor traffic
From: Patrick Mullen <pmullen () sourcefire com>
Date: Mon, 15 Oct 2018 20:56:09 -0400
Hello! You should direct your question to the snort-users list, but I believe the first thing you should try is to make sure you are running snort as root and also you need to know that if you are launching attacks at the device running snort, unless you disabled hardware checksum offloading, snort will ignore the traffic due to checksum errors. It is best to run snort on a separate device, only monitoring traffic. Thanks, Patrick On Mon, Oct 15, 2018, 10:20 AM main chan via Snort-sigs < snort-sigs () lists snort org> wrote:
Dear sir I use use one of the blade to monitor mirror the port from a ubuntu which install snort, but I can directly ping to nic which has monitor traffic Regrads Ricky Chan _______________________________________________ Snort-sigs mailing list Snort-sigs () lists snort org https://lists.snort.org/mailman/listinfo/snort-sigs Please visit http://blog.snort.org for the latest news about Snort! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists snort org https://lists.snort.org/mailman/listinfo/snort-sigs Please visit http://blog.snort.org for the latest news about Snort! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
Current thread:
- snort cannot monitor traffic main chan via Snort-sigs (Oct 15)
- Re: snort cannot monitor traffic Patrick Mullen (Oct 15)