[Snort-sigs] what does this command do?

Matt Kettler mkettler at ...189...
Mon Apr 28 11:13:02 EDT 2003


Also of note, this list is for signature development, not general config 
questions.

If you have further questions regarding configuration, snort-users is the 
best place to ask. There's also many more subscribers on snort-users, so 
it's more likely someone familiar with your problem will see your post there.


At 11:59 AM 4/28/2003 -0500, Schmehl, Paul L wrote:
>man snort
>
>-c config-file
>         Use the rules located in file config-file.
>-d Dump the application layer data when displaying
>    packets in verbose or packet logging mode
>-v Be verbose.  Print packets out to the console.
>    There is one big problem with verbose mode:  it's
>    slow.  If you are doing IDS work with Snort, don't
>    use the '-v' switch, you WILL drop packets.
>
>Paul Schmehl (pauls at ...1311...)
>Adjunct Information Security Officer
>The University of Texas at Dallas
>AVIEN Founding Member
>http://www.utdallas.edu/~pauls/
>
> > -----Original Message-----
> > From: stormshadow [mailto:storm-shadow at ...1143...]
> > Sent: Sunday, April 27, 2003 7:21 PM
> > To: snort-sigs at lists.sourceforge.net
> > Subject: [Snort-sigs] what does this command do?
> >
> >
> > I'm new to snort so bear with me.
> > What exactly is this command doing:
> >
> > snort -dvc /root/snort_dir_here/etc/snort.conf
> >
> > I know the v switch is sniffer mode. But is snort running in IDS mode
> > with that command as well?
> >
> > Also, what argument should I use when utilizing the rules that come
> > bundled with snort. I keep getting errors.
> >
> > Thanks for any help
> > SS
> >





More information about the Snort-sigs mailing list