[Snort-devel] Packet Capturing

Nanda Vardhan nandu7ninja at ...2499...
Sun Mar 23 10:35:41 EDT 2014


I am a newbie of Snort IDS. I installed Snort 2.9.6.0 on ubuntu. I want to
sniff packets from all the devices connected to wifi router and get alerts
based on some rules I defined. I manually setup NIC to promiscuous mode. My
problem is that I cannot sniff packets of other devices. Am getting packet
information of only laptop on which Snort is running.

I used following command:

$ sudo snort -c  snort.conf -A console -i wlan0

Output:
           Preprocessor Object: SF_DNP3  Version 1.1  <Build 1>
           Preprocessor Object: SF_IMAP  Version 1.0  <Build 1>
           Preprocessor Object: SF_SIP  Version 1.1  <Build 1>
           Preprocessor Object: SF_DNS  Version 1.1  <Build 4>
           Preprocessor Object: SF_SSLPP  Version 1.1  <Build 4>
Commencing packet processing (pid=3312)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20140323/a11c5300/attachment.html>


More information about the Snort-devel mailing list