[Snort-users] Can see any log message from snort !!

Kevin LEE klee at ...957...
Thu Jan 4 21:52:21 EST 2001


Hi:

    I am a newbie to snort and I tried to download the latest fullset rules file.

I modified the HOME_NET variable to my system's IP address and created a directory under /var/log/snort.

I ran the following command to start snort as a daemon.

snort -A fast -c /etc/snort.rules -D

where snort.rules is the file I downloaded from www.snort.org

I tried to run nmap on my machine for testing as follows:

nmap -v <ip_address of my host machine>

The file snort.alert is created in the /var/log/snort directory with zero bytes.

Did I miss any option in the snort command? What is the actual problem?



--
Kevin LEE                       Tel:         +61 3 8371 5300
Software Architect              Direct:      +61 3 8371 5378
eSec Limited                    Fax:         +61 3 8371 5399
"Protecting Your e-Business"    Web:         http://www.esec.com.au






