[Snort-users] no TCP traffic except in/out of the snort serv er (SUN 2.7)
cschuler at ...1139...
Tue Jan 16 08:26:32 EST 2001
Is the Sparc plugged into a switched network?
If so then you need to be placed on a SPAN o Monitor port (Cisco terms) The
port you are plugged into on the switch need to be setup to mirror all
traffic that is switched.
If you are non-switched environment...dunno, make sure your network card on
the Sparc is entering promiscuous mode (check /var/log/messages)
From: Fab Lab [mailto:fab_lab at ...125...]
Sent: Tuesday, January 16, 2001 5:55 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] no TCP traffic except in/out of the snort server
Hi there !
I just installed snort-1.7 on a Sparc running 2.7...
I am NOT a sun specialist, NOR a newtwork specialist,NOR .... ;-)
here is what I've done :
installed libnet from
installed libpcap package libpcap-0.4-sol7-sparc-local.bz2
compiled snort w/ gcc .
snort -v -h mynetwork/24
* all the TCP traffic in and out of the SUN,
* some UDP traffic on port 138 (NETBIOS Datagram Service) between
* but doesn't show me any other TCP traffic between any other machine
any idea / suggestion ?
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
More information about the Snort-users