[Snort-users] Snort re-setup issues
This is a discussion on [Snort-users] Snort re-setup issues within the Snort forums, part of the System Security and Security Related category; Heya, Maybe I just need to bounce this off someone for a sanity check...advice would be great. Our old ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-28-2004
|
|||
|
|||
[Snort-users] Snort re-setup issues
Heya,
Maybe I just need to bounce this off someone for a sanity check...advice would be great. Our old SNORT box completely died, so I was unable to get the config file from there to make this easy. The real problem now is that it's not logging anything coming in. /var/log/snort/alert is empty. Here's some quick facts to hopefully narrow down the solution: - Snort box IP address: 192.168.42.51 on eth0 - eth0 is set to promiscuous mode - Snort is listening to 64.69.xxx.xxx/27 - The log files are created and appropriate permissions are given (/var/log/snort) - I've tried to change Snort to listen to 192.168.42.0/24, and portscanning from another box in that network, but Snort didn't log it. - The box is behind two switches... I haven't seen a solution in my searching...any thoughts on where to go next? Thanks, Greg ------------------------------------------------------- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
