[Snort-users] en0 problems
This is a discussion on [Snort-users] en0 problems within the Snort forums, part of the System Security and Security Related category; --Apple-Mail-1-2468159 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; format=flowed I installed snort ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
12-13-2004
|
|||
|
|||
[Snort-users] en0 problems
--Apple-Mail-1-2468159 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; format=flowed I installed snort 2.2.0 on Mac OS X 10.3.6 together with ACID 0.9.6b23. Everything went fine. My problem is maybe not a snort problem. When I start snort: sudo snort -vd -c /etc/snort/snort.conf I get the following warning: Running in IDS mode Log directory = /var/log/snort Initializing Network Interface en0 OpenPcap() device en0 network lookup: en0: no IPv4 address assigned --== Initializing Snort ==-- Initializing Output Plugins! Decoding Ethernet on interface en0 Initializing Preprocessors! Initializing Plug-ins! Parsing Rules file /etc/snort/snort.conf and nothing is output to ACID - or to mysql. I checked: echo "SELECT count(*) FROM event" | mysql snort -u root -p ) which gives: count(*) 0 Does anybody know how to tell snort to use the ppp0 interface for en0 ? Is this a Mac OS X issue? Thanks, Allan --Apple-Mail-1-2468159 Content-Transfer-Encoding: 7bit Content-Type: text/enriched; charset=US-ASCII I installed snort 2.2.0 on Mac OS X 10.3.6 together with ACID<fontfamily><param>Lucida Grande</param> 0.9.6b23. Everything went fine. My problem is maybe not a snort problem. When I start snort: sudo snort -vd -c /etc/snort/snort.conf I get the following warning: Running in IDS mode Log directory = /var/log/snort <bold>Initializing Network Interface en0 OpenPcap() device en0 network lookup: en0: no IPv4 address assigned</bold> --== Initializing Snort ==-- Initializing Output Plugins! Decoding Ethernet on interface en0 Initializing Preprocessors! Initializing Plug-ins! Parsing Rules file /etc/snort/snort.conf and nothing is output to ACID - or to mysql. I checked: echo "SELECT count(*) FROM event" | mysql snort -u root -p ) which gives: count(*) 0 Does anybody know how to tell snort to use the ppp0 interface for en0 ? Is this a Mac OS X issue? Thanks, Allan</fontfamily> --Apple-Mail-1-2468159-- ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
