[Snort-devel] Snort Packet Capturing

Nanda Vardhan nandu7ninja at ...2499...
Thu Mar 20 16:54:01 EDT 2014

I am a newbie of Snort IDS. I installed Snort on ubuntu. I want to
sniff packets from all the devices connected to wifi router and get alerts
based on some rules I defined. I manually setup NIC to promiscuous mode. My
problem is that I cannot sniff packets of other devices. Am getting packet
information of only laptop on which Snort is running.

I used following command:

$ sudo snort -c  snort.conf -A console -i wlan0

           Preprocessor Object: SF_DNP3  Version 1.1  <Build 1>
           Preprocessor Object: SF_IMAP  Version 1.0  <Build 1>
           Preprocessor Object: SF_SIP  Version 1.1  <Build 1>
           Preprocessor Object: SF_DNS  Version 1.1  <Build 4>
           Preprocessor Object: SF_SSLPP  Version 1.1  <Build 4>
Commencing packet processing (pid=3312)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20140321/c5442084/attachment.html>

More information about the Snort-devel mailing list