[Snort-users] Snort Stopped

Martin Roesch roesch at ...421...
Wed Apr 18 22:41:03 EDT 2001


Don't use the default logging mechanism, use the binary logger (-b at
the command line or "output log_tcpdump: snort.log" in the conf file). 
Using the default logging mechanism when using Snort as a dedicated IDS
is asking for a DoS against your sensor for exactly this reason.

    -Marty

--
Martin Roesch
roesch at ...421...
http://www.snort.org




More information about the Snort-users mailing list