[Snort-users] Snort Stopped

Daniel Paul Hart dan at ...1842...
Thu Apr 19 08:54:48 EDT 2001


Marty,

Thanks for your advice, what should I use to view the logs?

Cheers,

Dan.

-------Original Message-------

From: Martin Roesch
Date: 19 April 2001 03:43:06
To: Daniel Paul Hart
Cc: roel at ...47...; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Snort Stopped

Don't use the default logging mechanism, use the binary logger (-b at
the command line or "output log_tcpdump: snort.log" in the conf file). 
Using the default logging mechanism when using Snort as a dedicated IDS
is asking for a DoS against your sensor for exactly this reason.

-Marty

--
Martin Roesch
roesch at ...421...
http://www.snort.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20010419/8428d874/attachment.html>


More information about the Snort-users mailing list