[Snort-sigs] Hello!

John Sage jsage at ...425...
Thu Mar 21 23:41:02 EST 2002


Gautam:

You don't state what OS platform and snort version you're refering to;
that would be potentially helpful information.

The line:

"./snort -dev -l ./log -h 192.168.1.0/24 -c snort.conf"

is the command line, typed at a command prompt.

This invokes snort when the current directory contains the snort
executable ( ./snort ) and also snort.conf ( -c snort.conf )

-l ./log  sets logging into the current directory;

-h 192.168.1.0/24  sets this as $HOME_NET -- is that correct for your
network?

The rules files you should have received with the snort distribution,
and would be files named *.rules, also in the snort installation
directory.

Does this make any sense at all?


- John
-- 
The weirdest thing about Window$ is that it's so opaque



On Wed, Mar 20, 2002 at 05:56:49PM -0800, Gautam Verma wrote:
> Respected Sir/Madam:
> 
> My name is Gautam Verma and I am a student at the
> University of South Florida trying to do a project
> based on SNORT.  We have to run SNORT in the NIDS mode
> and all rule sets to collect data from the log file
> and write a paper about our findings.  However, I do
> not understand where it is that the "./snort -dev -l
> ./log -h 192.168.1.0/24 -c snort.conf" needs to be
> inserted and also where can I get a rule set and how
> do I go about using the rule set.  I would really
> appriciate if I could get some help regarding this
> matter.
> 
> Thank you,
> 
> Sincerely,
> 
> Gautam.




More information about the Snort-sigs mailing list