[Snort-devel] Packet Capturing

Russ Combs (rucombs) rucombs at ...3461...
Mon Mar 24 05:23:40 EDT 2014


Please redirect your question to the snort-users list.  You can find that list here: http://snort.org/community/mailing-lists.

________________________________
From: Nanda Vardhan [nandu7ninja at ...2499...]
Sent: Sunday, March 23, 2014 10:35 AM
To: snort-devel at lists.sourceforge.net
Subject: [Snort-devel] Packet Capturing

I am a newbie of Snort IDS. I installed Snort 2.9.6.0 on ubuntu. I want to sniff packets from all the devices connected to wifi router and get alerts based on some rules I defined. I manually setup NIC to promiscuous mode. My problem is that I cannot sniff packets of other devices. Am getting packet information of only laptop on which Snort is running.

I used following command:

$ sudo snort -c  snort.conf -A console -i wlan0

Output:
           Preprocessor Object: SF_DNP3  Version 1.1  <Build 1>
           Preprocessor Object: SF_IMAP  Version 1.0  <Build 1>
           Preprocessor Object: SF_SIP  Version 1.1  <Build 1>
           Preprocessor Object: SF_DNS  Version 1.1  <Build 4>
           Preprocessor Object: SF_SSLPP  Version 1.1  <Build 4>
Commencing packet processing (pid=3312)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20140324/bf884eee/attachment.html>


More information about the Snort-devel mailing list