Re: subnet alerting problem

["zap.beeb" <zap.beeb () web de>]

Unsubscribe
On Jan 23, 2019 2:11 PM, "Al Lewis (allewi) via Snort-users" <snort-users () lists snort org> wrote:
> Hello,
>
>  
>
> Are you spanning all network traffic or running snort inline? If not.. snort isn’t seeing all of the traffic on your 
> network.
>
>  
>
>  
>
> Albert Lewis
>
> ENGINEER.SOFTWARE ENGINEERING
>
> Cisco Systems Inc.
>
> Email: allewi () cisco com 
>
>  
>
>  
>
> From: Snort-users <snort-users-bounces () lists snort org> on behalf of basan via Snort-users <snort-users () lists 
> snort org>
> Reply-To: basan <basan_j () hotmail com>
> Date: Wednesday, January 23, 2019 at 7:46 AM
> To: "snort-users () lists snort org" <snort-users () lists snort org>
> Subject: [Snort-users] subnet alerting problem
>
>  
>
> Hello,
>
> I recently downloaded and installed snort3 on ubuntu 18, it is working fine but it gives me alert only for its 
> interface IP address, although I have used the entire subnet range for the HOME_NET in the snort.lua configuration. 
> Is there a way that snort can give me alert for all the hosts in the HOME_NET range addresses?
>
>  
>
> Below is the command that I use to run snort:
>
> snort -c /usr/local/etc/snort/snort.lua -R /usr/local/etc/snort/rules/local.rules \-i ens5 -A alert_fast -s 65535 -k 
> none
>
>  
>
> Thanks,
>
> Basan
>
>  
_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

        To unsubscribe, send an email to:
        snort-users-leave () lists snort org

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette