[Snort-users] Logging Error

Loki loki.loa at ...56...
Sun Jul 30 18:49:57 EDT 2000


First off, I wouldn't run SNORT as user root.. Create a user snort, then
chown the /var/adm/snort dir as the user.. start snort with ' -u snort '
switch..

just my 2 cents


----- Original Message -----
From: "Jeffrey Denton" <dentonj at ...202...>
To: <Snort-users at lists.sourceforge.net>
Sent: Sunday, July 30, 2000 3:35 PM
Subject: [Snort-users] Logging Error


> I'm new to this list. Excuse me if this has already been covered.  I
> looked through the archives on the website, but didn't find anything.
>
> Snort version 1.6.3
> Slackware 7.1
> 2.2.16
> egcs-2.91.66
>
> #snort -s -d -i ppp0 -l /usr/adm/snort -c /etc/snort/rules.base
>
> I get the following error when I run the above command:
>
> [!] ERROR:Can not get write to logging directory /usr/adm/snort.
> (directory doesn't exist or permissions are set incorrectly)
>
> #ls -l /usr/adm/snort
> -rw-------   1 root     root            0 Jul 30 13:38 /usr/adm/snort
>
> I've tried every permission from 600 to 777.  If I run snort without -l I
> get:
>
> # snort -s -i ppp0 -c /etc/snort/vision.conf
>
> [!] ERROR:Can not get write to logging directory /var/log/snort.
> (directory doesn't exist or permissions are set incorrectly)
>
> # ls -l /var/log/snort
> -rw-------   1 root     root            0 Jul 30 13:38 /var/log/snort
>
> /usr/adm is ln -s to /var/log.
>
> Any ideas?
>
> Jeff
>
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> http://lists.sourceforge.net/mailman/listinfo/snort-users





More information about the Snort-users mailing list